Bug#521949: marked as done (CVE-2009-0790: DoS)

Debian Bug Tracking System Fri, 17 Apr 2009 03:23:38 -0700

Your message dated Fri, 17 Apr 2009 09:47:14 +0000
with message-id <e1lukfc-0004ty...@ries.debian.org>
and subject line Bug#521949: fixed in openswan 1:2.6.21+dfsg-1
has caused the Debian Bug report #521949,
regarding CVE-2009-0790: DoS
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
521949: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521949
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: openswan
Severity: grave
Tags: security

Hi

>From the DSA:

CVE-2009-0790

Gerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone
to a denial of service attack via a malicious packet.

I've attached the patch from stable-security, please consider including
it for unstable/testing.

Cheers
Steffen

diff -u openswan-2.4.12+dfsg/debian/changelog openswan-2.4.12+dfsg/debian/changelog
--- openswan-2.4.12+dfsg/debian/changelog
+++ openswan-2.4.12+dfsg/debian/changelog
@@ -1,3 +1,11 @@
+openswan (1:2.4.12+dfsg-1.3+lenny1) stable-security; urgency=high
+
+  * Non-maintainer upload by the security team
+  * Fix DoS issue via malicious Dead Peer Detection packet
+    Fixes: CVE-2009-0790
+
+ -- Steffen Joeris <wh...@debian.org>  Tue, 24 Mar 2009 13:20:43 +0000
+
 openswan (1:2.4.12+dfsg-1.3) unstable; urgency=high
 
   * Non-maintainer upload.
diff -u openswan-2.4.12+dfsg/debian/patches/00list openswan-2.4.12+dfsg/debian/patches/00list
--- openswan-2.4.12+dfsg/debian/patches/00list
+++ openswan-2.4.12+dfsg/debian/patches/00list
@@ -3,0 +4 @@
+03-CVE-2009-0790.dpatch
only in patch2:
unchanged:
--- openswan-2.4.12+dfsg.orig/debian/patches/03-CVE-2009-0790.dpatch
+++ openswan-2.4.12+dfsg/debian/patches/03-CVE-2009-0790.dpatch
@@ -0,0 +1,30 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+
+...@dpatch@
+Index: demux.c
+===================================================================
+RCS file: /projects/xelerance/master/openswan-2/programs/pluto/demux.c,v
+retrieving revision 1.210.2.16
+diff -c -r1.210.2.16 demux.c
+*** openswan-2.x.x/programs/pluto/demux.c.old	16 Jun 2008 01:03:04 -0000	1.210.2.16
+--- openswan-2.4.12+dfsg/programs/pluto/demux.c	22 Mar 2009 20:11:13 -0000
+***************
+*** 1068,1076 ****
+--- 1068,1084 ----
+          switch (n->isan_type)
+          {
+          case R_U_THERE:
++ 	   if(st==NULL) {
++ 		loglog(RC_LOG_SERIOUS, "received bogus  R_U_THERE informational message");
++ 		return STF_IGNORE;
++ 	   }
+              return dpd_inI_outR(st, n, n_pbs);
+  
+          case R_U_THERE_ACK:
++ 	   if(st==NULL) {
++ 		loglog(RC_LOG_SERIOUS, "received bogus  R_U_THERE informational message");
++ 		return STF_IGNORE;
++ 	   }
+              return dpd_inR(st, n, n_pbs);
+  
+  	case PAYLOAD_MALFORMED:

--- End Message ---

--- Begin Message ---

Source: openswan
Source-Version: 1:2.6.21+dfsg-1

We believe that the bug you reported is fixed in the latest version of
openswan, which is due to be installed in the Debian FTP archive:

linux-patch-openswan_2.6.21+dfsg-1_all.deb
  to pool/main/o/openswan/linux-patch-openswan_2.6.21+dfsg-1_all.deb
openswan-modules-source_2.6.21+dfsg-1_all.deb
  to pool/main/o/openswan/openswan-modules-source_2.6.21+dfsg-1_all.deb
openswan_2.6.21+dfsg-1.diff.gz
  to pool/main/o/openswan/openswan_2.6.21+dfsg-1.diff.gz
openswan_2.6.21+dfsg-1.dsc
  to pool/main/o/openswan/openswan_2.6.21+dfsg-1.dsc
openswan_2.6.21+dfsg-1_amd64.deb
  to pool/main/o/openswan/openswan_2.6.21+dfsg-1_amd64.deb
openswan_2.6.21+dfsg.orig.tar.gz
  to pool/main/o/openswan/openswan_2.6.21+dfsg.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 521...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Rene Mayrhofer <rm...@debian.org> (supplier of updated openswan package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 09 Apr 2009 17:05:39 +0200
Source: openswan
Binary: openswan openswan-modules-source linux-patch-openswan
Architecture: source all amd64
Version: 1:2.6.21+dfsg-1
Distribution: unstable
Urgency: low
Maintainer: Rene Mayrhofer <rm...@debian.org>
Changed-By: Rene Mayrhofer <rm...@debian.org>
Description: 
 linux-patch-openswan - IPSEC Linux kernel support for Openswan
 openswan   - IPSEC utilities for Openswan
 openswan-modules-source - IPSEC kernel modules source for Openswan
Closes: 521949
Changes: 
 openswan (1:2.6.21+dfsg-1) unstable; urgency=low
 .
   * New upstream release
     Closes: #521949: CVE-2009-0790: DoS
Checksums-Sha1: 
 11dbd418222c1805ad28a29c814b742e7c225108 1299 openswan_2.6.21+dfsg-1.dsc
 5e59533675868c11c065e8bf40403efae1ddbdbf 6382381 
openswan_2.6.21+dfsg.orig.tar.gz
 08da9ee0d721f6c0db692ca7e38abb3f69fa34d5 149833 openswan_2.6.21+dfsg-1.diff.gz
 eb8c3cbec6f27264ed1411e100e1d273b4f13a0f 481022 
openswan-modules-source_2.6.21+dfsg-1_all.deb
 aa8252fcf4ccb95115e06b1469449a4ab36562da 869590 
linux-patch-openswan_2.6.21+dfsg-1_all.deb
 454e6313b2b85021e671b2701da1d339315e3776 3057578 
openswan_2.6.21+dfsg-1_amd64.deb
Checksums-Sha256: 
 de3518ea003827481f1585223d1f99a5239160f014ce18f90f729f770ace6049 1299 
openswan_2.6.21+dfsg-1.dsc
 5a4d433ff7d93335630d13fd3a103929fdebf35fa612ea33e8f7d5ffa52e0e76 6382381 
openswan_2.6.21+dfsg.orig.tar.gz
 d31e9def1dcb9b3bed284cc4f3e0dd7611f30c312d089850a539f41e15c6d7c0 149833 
openswan_2.6.21+dfsg-1.diff.gz
 1b86c60817df35039cd0224b2132c365e4ac1e980c8ea55bf29d35d272d2653f 481022 
openswan-modules-source_2.6.21+dfsg-1_all.deb
 3c84ac0888d221f23c3601cf64903c1dae52555bbdec8bdd55a6c19ecce67779 869590 
linux-patch-openswan_2.6.21+dfsg-1_all.deb
 a0217fe8a3cc7978eeb519baf1489e8ecd84ab4ecc39679475e34e78be997264 3057578 
openswan_2.6.21+dfsg-1_amd64.deb
Files: 
 c9b4a6dd51a8fa909a744b08cdeef062 1299 net optional openswan_2.6.21+dfsg-1.dsc
 70f3d47f989eb72aedd6aa5ca626cc99 6382381 net optional 
openswan_2.6.21+dfsg.orig.tar.gz
 efabec48c9ab02136929605484a2a004 149833 net optional 
openswan_2.6.21+dfsg-1.diff.gz
 3445f68aa023ca9f0606361b1cd1177a 481022 kernel optional 
openswan-modules-source_2.6.21+dfsg-1_all.deb
 1e7c6acffa14e8d6e084d15efd393df0 869590 kernel optional 
linux-patch-openswan_2.6.21+dfsg-1_all.deb
 083c5fc14e0af65c1587710e824c83e3 3057578 net optional 
openswan_2.6.21+dfsg-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAknoPkgACgkQq7SPDcPCS96mUQCgtxZ6egzY8oFbI+hvACvnYOOH
xzcAniEva1zD26jxWA1KnuS00WVc2989
=Nr1b
-----END PGP SIGNATURE-----

--- End Message ---

Bug#521949: marked as done (CVE-2009-0790: DoS)

Reply via email to