Debian Bug report logs -
#531612
[SA35296] strongSwan Two Denial of Service Vulnerabilities
Reported by: Giuseppe Iuculano <giuseppe@iuculano.it>
Date: Tue, 2 Jun 2009 18:39:01 UTC
Severity: serious
Tags: patch, security
Fixed in versions strongswan/4.2.14-1.1, strongswan/4.3.2-1
Done: Rene Mayrhofer <rmayr@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Rene Mayrhofer <rmayr@debian.org>
:
Bug#531612
; Package strongswan
.
(Tue, 02 Jun 2009 18:39:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Giuseppe Iuculano <giuseppe@iuculano.it>
:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Rene Mayrhofer <rmayr@debian.org>
.
(Tue, 02 Jun 2009 18:39:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: strongswan
Severity: serious
Tags: security patch
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
The following SA (Secunia Advisory) id was published for strongswan:
SA35296[1]:
> DESCRIPTION:
> Two vulnerabilities have been reported in strongSwan, which can be
> exploited by malicious people to cause a DoS (Denial of Service).
>
> 1) An error in the IKEv2 charon daemon can be exploited to trigger a
> NULL pointer dereference and cause a crash via specially crafted
> IKE_SA_INIT and CREATE_CHILD_SA requests.
>
> 2) An error in the IKEv2 charon daemon can be exploited to trigger a
> NULL pointer dereference and cause a crash via an IKE_AUTH request
> missing a TSi or TSr payload.
>
> The vulnerabilities are reported in versions 4.1.0 through 4.3.0.
>
> SOLUTION:
> Update to version 4.3.1 or 4.2.15, or apply patches:
> http://download.strongswan.org/patches/03_invalid_ike_state_patch/
> http://download.strongswan.org/patches/04_swapped_ts_check_patch/
>
> PROVIDED AND/OR DISCOVERED BY:
> Reported by the vendor.
>
> ORIGINAL ADVISORY:
> http://download.strongswan.org/patches/03_invalid_ike_state_patch/strongswan-4.x.x_invalid_ike_state.readme
> http://download.strongswan.org/patches/04_swapped_ts_check_patch/strongswan-4.x.x._swapped_ts_check.readme
If you fix the vulnerability please also make sure to include the CVE id
(if will be available) in the changelog entry.
[1]http://secunia.com/advisories/35296/
Patches: http://download.strongswan.org/patches/03_invalid_ike_state_patch/
http://download.strongswan.org/patches/04_swapped_ts_check_patch/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkolcP4ACgkQNxpp46476aouWQCghzO5oD+VYA2hj8US61W2sOCy
pZkAn0GJ0MZ77UHYSVy4Zg/TrtHG1ERA
=0tLy
-----END PGP SIGNATURE-----
Information forwarded
to debian-bugs-dist@lists.debian.org, Rene Mayrhofer <rmayr@debian.org>
:
Bug#531612
; Package strongswan
.
(Mon, 15 Jun 2009 11:30:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Nico Golde <nion@debian.org>
:
Extra info received and forwarded to list. Copy sent to Rene Mayrhofer <rmayr@debian.org>
.
(Mon, 15 Jun 2009 11:30:06 GMT) (full text, mbox, link).
Message #10 received at 531612@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Hi,
attached is a patch for a 0-day NMU I am going to upload to
fix this issue.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
[strongswan-4.2.14-1_4.2.14-1.1.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Rene Mayrhofer <rmayr@debian.org>
:
Bug#531612
; Package strongswan
.
(Mon, 15 Jun 2009 11:30:07 GMT) (full text, mbox, link).
Acknowledgement sent
to Nico Golde <nion@debian.org>
:
Extra info received and forwarded to list. Copy sent to Rene Mayrhofer <rmayr@debian.org>
.
(Mon, 15 Jun 2009 11:30:07 GMT) (full text, mbox, link).
Message #15 received at 531612@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Hi,
attached is a patch for a 0-day NMU I'm going to upload to
fix this issue.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
[strongswan-4.2.14-1_4.2.14-1.1.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]
Reply sent
to Nico Golde <nion@debian.org>
:
You have taken responsibility.
(Mon, 15 Jun 2009 11:36:05 GMT) (full text, mbox, link).
Notification sent
to Giuseppe Iuculano <giuseppe@iuculano.it>
:
Bug acknowledged by developer.
(Mon, 15 Jun 2009 11:36:06 GMT) (full text, mbox, link).
Message #20 received at 531612-close@bugs.debian.org (full text, mbox, reply):
Source: strongswan
Source-Version: 4.2.14-1.1
We believe that the bug you reported is fixed in the latest version of
strongswan, which is due to be installed in the Debian FTP archive:
libstrongswan_4.2.14-1.1_amd64.deb
to pool/main/s/strongswan/libstrongswan_4.2.14-1.1_amd64.deb
strongswan-ikev1_4.2.14-1.1_amd64.deb
to pool/main/s/strongswan/strongswan-ikev1_4.2.14-1.1_amd64.deb
strongswan-ikev2_4.2.14-1.1_amd64.deb
to pool/main/s/strongswan/strongswan-ikev2_4.2.14-1.1_amd64.deb
strongswan-nm_4.2.14-1.1_amd64.deb
to pool/main/s/strongswan/strongswan-nm_4.2.14-1.1_amd64.deb
strongswan-starter_4.2.14-1.1_amd64.deb
to pool/main/s/strongswan/strongswan-starter_4.2.14-1.1_amd64.deb
strongswan_4.2.14-1.1.diff.gz
to pool/main/s/strongswan/strongswan_4.2.14-1.1.diff.gz
strongswan_4.2.14-1.1.dsc
to pool/main/s/strongswan/strongswan_4.2.14-1.1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 531612@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated strongswan package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 15 Jun 2009 13:06:05 +0200
Source: strongswan
Binary: strongswan libstrongswan strongswan-starter strongswan-ikev1 strongswan-ikev2 strongswan-nm
Architecture: source amd64
Version: 4.2.14-1.1
Distribution: unstable
Urgency: high
Maintainer: Rene Mayrhofer <rmayr@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description:
libstrongswan - strongSwan utility and crypto library
strongswan - IPsec VPN solution metapackage
strongswan-ikev1 - strongSwan IKEv1 keying daemon
strongswan-ikev2 - strongSwan IKEv2 keying daemon
strongswan-nm - strongSwan plugin to interact with NetworkManager
strongswan-starter - strongSwan daemon starter and configuration file parser
Closes: 531612
Changes:
strongswan (4.2.14-1.1) unstable; urgency=high
.
* Non-maintainer upload by the Security Team.
* Fix two possible null pointer dereferences leading to denial
of service via crafted IKE_SA_INIT, CREATE_CHILD_SA or
IKE_AUTH request (CVE-2009-1957; CVE-2009-1958; Closes: #531612).
Checksums-Sha1:
ea2c805150ec7b20e8b868dca77c3b252ff016da 1502 strongswan_4.2.14-1.1.dsc
f21d0eaae8e4e12ffc95104225de78cf955a84a1 60089 strongswan_4.2.14-1.1.diff.gz
f47312c23c055e64a35cca6c209a21c992c01175 174264 libstrongswan_4.2.14-1.1_amd64.deb
2436f369b4c13d0354dbbfa93928e06d66b6a80f 306756 strongswan-starter_4.2.14-1.1_amd64.deb
ba4102f03583fb858c95d5154879b690b8c76a9c 440100 strongswan-ikev1_4.2.14-1.1_amd64.deb
1bd9ea72963cfe20756159f4fc5f27da3a4f22e7 252434 strongswan-ikev2_4.2.14-1.1_amd64.deb
22355de548495c5416d32f14e2e565e2b6a773fb 41796 strongswan-nm_4.2.14-1.1_amd64.deb
Checksums-Sha256:
92b7d1d588e89b293c1ebe1b61b8877c0fdad48322b7f9870513f04bf55d65e1 1502 strongswan_4.2.14-1.1.dsc
0846c4f85e0d7eff839d41a79fb075075f7ffc7f463e6868d4dfefd1f3e07140 60089 strongswan_4.2.14-1.1.diff.gz
a8557968f338f745a28b13383427b0d255c2ad00a05bdb586dd781ef07d8d283 174264 libstrongswan_4.2.14-1.1_amd64.deb
2bd47f134be9a3c176847850fccc5f5f465cb64863c3ee67903275e429c67626 306756 strongswan-starter_4.2.14-1.1_amd64.deb
ab4a33059119e7b1b9efa45caf23606b6d1437ef0dee76c665603f956f3e1860 440100 strongswan-ikev1_4.2.14-1.1_amd64.deb
7be28cca72dfa2b637d8586070eac49f1ff21fbb2acc08da2da73b19d5993a53 252434 strongswan-ikev2_4.2.14-1.1_amd64.deb
749633cd0ac08b1acb3e017ec8ab2c8c5613fdf125edfff61638380fc04ae516 41796 strongswan-nm_4.2.14-1.1_amd64.deb
Files:
2ca0928a814515d1fbfd58c03817aafe 1502 net optional strongswan_4.2.14-1.1.dsc
98db5ebbc42d17847943407a9c288ced 60089 net optional strongswan_4.2.14-1.1.diff.gz
e23342a055eec3bc8fa3a2686973c1f5 174264 net optional libstrongswan_4.2.14-1.1_amd64.deb
2d6e9ed11afc46be48b15b7935ba1403 306756 net optional strongswan-starter_4.2.14-1.1_amd64.deb
d388d140f55ce4acd1fc301a9deadaf0 440100 net optional strongswan-ikev1_4.2.14-1.1_amd64.deb
b2a488da2e4342bfa03c6ba2dadc9ccd 252434 net optional strongswan-ikev2_4.2.14-1.1_amd64.deb
2d07ead3bcdfa9b6c55501a90292ac40 41796 net optional strongswan-nm_4.2.14-1.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAko2L2IACgkQHYflSXNkfP+sdgCfaPdd77M03RHEsuBEouQ/bg4s
P9gAnjBjfnr5CzcIt3P48rAwF/TaAFhZ
=sRPM
-----END PGP SIGNATURE-----
Reply sent
to Rene Mayrhofer <rmayr@debian.org>
:
You have taken responsibility.
(Wed, 24 Jun 2009 09:27:40 GMT) (full text, mbox, link).
Notification sent
to Giuseppe Iuculano <giuseppe@iuculano.it>
:
Bug acknowledged by developer.
(Wed, 24 Jun 2009 09:27:40 GMT) (full text, mbox, link).
Message #25 received at 531612-close@bugs.debian.org (full text, mbox, reply):
Source: strongswan
Source-Version: 4.3.2-1
We believe that the bug you reported is fixed in the latest version of
strongswan, which is due to be installed in the Debian FTP archive:
libstrongswan_4.3.2-1_i386.deb
to pool/main/s/strongswan/libstrongswan_4.3.2-1_i386.deb
strongswan-ikev1_4.3.2-1_i386.deb
to pool/main/s/strongswan/strongswan-ikev1_4.3.2-1_i386.deb
strongswan-ikev2_4.3.2-1_i386.deb
to pool/main/s/strongswan/strongswan-ikev2_4.3.2-1_i386.deb
strongswan-nm_4.3.2-1_i386.deb
to pool/main/s/strongswan/strongswan-nm_4.3.2-1_i386.deb
strongswan-starter_4.3.2-1_i386.deb
to pool/main/s/strongswan/strongswan-starter_4.3.2-1_i386.deb
strongswan_4.3.2-1.diff.gz
to pool/main/s/strongswan/strongswan_4.3.2-1.diff.gz
strongswan_4.3.2-1.dsc
to pool/main/s/strongswan/strongswan_4.3.2-1.dsc
strongswan_4.3.2.orig.tar.gz
to pool/main/s/strongswan/strongswan_4.3.2.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 531612@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Rene Mayrhofer <rmayr@debian.org> (supplier of updated strongswan package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 18 Apr 2009 20:28:51 +0200
Source: strongswan
Binary: strongswan libstrongswan strongswan-starter strongswan-ikev1 strongswan-ikev2 strongswan-nm
Architecture: source i386
Version: 4.3.2-1
Distribution: unstable
Urgency: HIGH
Maintainer: Rene Mayrhofer <rmayr@debian.org>
Changed-By: Rene Mayrhofer <rmayr@debian.org>
Description:
libstrongswan - strongSwan utility and crypto library
strongswan - IPsec VPN solution metapackage
strongswan-ikev1 - strongSwan Internet Key Exchange (v1) daemon
strongswan-ikev2 - strongSwan Internet Key Exchange (v2) daemon
strongswan-nm - strongSwan plugin to interact with NetworkManager
strongswan-starter - strongSwan daemon starter and configuration file parser
Closes: 525234 525652 526037 526486 526487 526488 528073 528323 528370 529027 529063 529071 529592 529638 529661 529742 530273 531612 533837
Changes:
strongswan (4.3.2-1) unstable; urgency=HIGH
.
Urgency high because of security issue and FTBFS.
* New upstream release, fixes security bug.
* Fix padlock handling for i386 in debian/rules.
Closes: #525652 (FTBFS on i386)
* Acknowledge NMUs by security team.
Closes: #533837, #531612
* Add "Conflicts: strongswan (< 4.2.12-1)" to libstrongswan,
strongswan-starter, strongswan-ikev1, and strongswan-ikev2 to force
update of the strongswan package on installation and avoid conflicts
caused by package restructuring.
Closes: #526037: strongswan-ikev2 and strongswan: error when trying to
install together
Closes: #526486: strongswan and libstrongswan: error when trying to
install together
Closes: #526487: strongswan-ikev1 and strongswan: error when trying to
install together
Closes: #526488: strongswan-starter and strongswan: error when trying to
install together
* Debconf templates and debian/control reviewed by the debian-l10n-
english team as part of the Smith review project. Closes: #528073
* Debconf translation updates:
Closes: #525234: [INTL:ja] Update po-debconf template translation (ja.po)
Closes: #528323: [INTL:sv] po-debconf file for strongswan
Closes: #528370: [INTL:vi] Vietnamese debconf templates translation update
Closes: #529027: [INTL:pt] Updated Portuguese translation for debconf messages
Closes: #529071: [INTL:fr] French debconf templates translation update
Closes: #529592: nb translation of debconf PO for strongSWAN
Closes: #529638: [INTL:ru] Russian debconf templates translation
Closes: #529661: Updated Czech translation of strongswan debconf messages
Closes: #529742: [INTL:eu] strongswan debconf basque translation
Closes: #530273: [INTL:fi] Finnish translation of the debconf templates
Closes: #529063: [INTL:gl] strongswan 4.2.14-2 debconf translation update
Checksums-Sha1:
f2512185664e43d6e17107b825b6fdc7b39a87c1 1487 strongswan_4.3.2-1.dsc
a01ef1adc4ff82b2f3673cbea9dbe497ef61b33c 3541466 strongswan_4.3.2.orig.tar.gz
6338406111afb3f59607ddaea485f3c1ad1c59b5 78372 strongswan_4.3.2-1.diff.gz
dc420ad41d4129e7930db01be88670a43d2d9dcf 170386 libstrongswan_4.3.2-1_i386.deb
3c2f22459c2c7fe1763545e34cd7b2d73deb9508 266028 strongswan-starter_4.3.2-1_i386.deb
8a54ab9bea3b78b93397c45657755f9799f6b4d6 331536 strongswan-ikev1_4.3.2-1_i386.deb
09fc51b19d756ad063d1214e85b10d2a40129ceb 225718 strongswan-ikev2_4.3.2-1_i386.deb
638563070a1cc9c201b69732e3340b987ed08d95 43796 strongswan-nm_4.3.2-1_i386.deb
Checksums-Sha256:
34ca69ffd71ff9b80032d5d5aeb2d614ca914b682174e2178670f8fdb043a6e1 1487 strongswan_4.3.2-1.dsc
6ca31f8d6b3f50b6d255af1fb567664abd41e9fe028ac84bbc5ab1085ae7db5f 3541466 strongswan_4.3.2.orig.tar.gz
e284d738ac25634535a5203ba66356b3709c9978f8bc4159dd5695a931ef4340 78372 strongswan_4.3.2-1.diff.gz
7d0fd8fee14ad9e19a44c5a2345f10388add7a4151ba5ba1cf0b20b93764daef 170386 libstrongswan_4.3.2-1_i386.deb
8821b2a5f54c4ae0ca57598d4978b2593d5e380e0325cefbaf1629a95817b17a 266028 strongswan-starter_4.3.2-1_i386.deb
803c53ab4100b8d8dfbba3240e3186402dfa1f8a01846e46adbb861129ebb162 331536 strongswan-ikev1_4.3.2-1_i386.deb
b92ad1e5cdc13b33840106f9eaea7a0cc90970f756a17f053dede8715f5b5d71 225718 strongswan-ikev2_4.3.2-1_i386.deb
d9ce457310e45c1c4ca0a5f9cf77f579eb11c132899313f44551b6b7bf8ffbab 43796 strongswan-nm_4.3.2-1_i386.deb
Files:
e3941351431fe4253b7a8d163966d58d 1487 net optional strongswan_4.3.2-1.dsc
bc2584a0811e0de9737836a4602146d2 3541466 net optional strongswan_4.3.2.orig.tar.gz
f636c349e51f481876424469bd76f640 78372 net optional strongswan_4.3.2-1.diff.gz
6bc4ca52b9e56c90ebf1f0ca6a0a60ff 170386 net optional libstrongswan_4.3.2-1_i386.deb
4e70a71df3c62623f2bd0530865bc3f2 266028 net optional strongswan-starter_4.3.2-1_i386.deb
8cefa4e70aaa86eff409cc39992d92b8 331536 net optional strongswan-ikev1_4.3.2-1_i386.deb
30458ff637f4c477b28d373c6cf30246 225718 net optional strongswan-ikev2_4.3.2-1_i386.deb
4a47bb10be9e4ab4b6bd9fa7d10510dd 43796 net optional strongswan-nm_4.3.2-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkpB31UACgkQq7SPDcPCS95MPgCcDzFKgDbWAYv16S738Xlcdh+6
9n4AoMtywo2aTzDPshw0mLANd2LcOk6n
=yNOR
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Sat, 12 Sep 2009 07:29:34 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 16:28:22 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.