Your message dated Sun, 24 May 2015 06:34:05 +0000 with message-id <e1ywpu5-0006un...@franck.debian.org> and subject line Bug#785778: fixed in ipsec-tools 1:0.8.2+20140711-3 has caused the Debian Bug report #785778, regarding ipsec-tools: CVE-2015-4047: null pointer dereference crash in racoon to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 785778: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785778 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: ipsec-tools Version: 1:0.8.0-14 Severity: grave Tags: security upstream Hi Marked as severity grave as this could lead to denial of service, see the following for details: http://www.openwall.com/lists/oss-security/2015/05/20/1 No CVE is assigned yet (will update the bug once assigned). Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: ipsec-tools Source-Version: 1:0.8.2+20140711-3 We believe that the bug you reported is fixed in the latest version of ipsec-tools, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 785...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. no...@debian.org (supplier of updated ipsec-tools package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 20 May 2015 10:46:55 -0700 Source: ipsec-tools Binary: ipsec-tools racoon Architecture: source amd64 Version: 1:0.8.2+20140711-3 Distribution: unstable Urgency: medium Maintainer: pkg-ipsec-tools team <pkg-ipsec-tools-de...@lists.alioth.debian.org> Changed-By: no...@debian.org Description: ipsec-tools - IPsec utilities racoon - IPsec Internet Key Exchange daemon Closes: 785778 Changes: ipsec-tools (1:0.8.2+20140711-3) unstable; urgency=medium . * Fix null pointer dereference leading to a possible crash and denial of service attack. (Closes: 785778) Checksums-Sha1: f8da82ef687313514a117f2257ebf863b4ef22d8 2253 ipsec-tools_0.8.2+20140711-3.dsc b959808e868a10116b15d9edee53d4d50280eb06 61704 ipsec-tools_0.8.2+20140711-3.debian.tar.xz 8f306268a4e27a149c401ce41ddd66c5f2f8644a 92514 ipsec-tools_0.8.2+20140711-3_amd64.deb 3a08539466d0e38cfbf1fd2e6a69fa4335634fd8 367322 racoon_0.8.2+20140711-3_amd64.deb Checksums-Sha256: 21b803026d0d7841373373e559ab4c828827b0e06519f8eed004149d22199a56 2253 ipsec-tools_0.8.2+20140711-3.dsc f14528fade5be38811af7a5e3f0e167c334dea56e5a9c9a9604daef156b74350 61704 ipsec-tools_0.8.2+20140711-3.debian.tar.xz d8b37ed64c7a078ea669ffada2fa79abefca8a5223cdd9e88f32d874912c1954 92514 ipsec-tools_0.8.2+20140711-3_amd64.deb 3d18e375274dcbaac698ff362824e7cbec9336c6602b108d8d075d01327b8ac6 367322 racoon_0.8.2+20140711-3_amd64.deb Files: a795b1f88b722788f411ddd5ed2e78df 2253 net extra ipsec-tools_0.8.2+20140711-3.dsc 42a498a8ccd7e18300681cb05b7e53a9 61704 net extra ipsec-tools_0.8.2+20140711-3.debian.tar.xz 13cc0bb3950bb89b5687987ef2abaff4 92514 net extra ipsec-tools_0.8.2+20140711-3_amd64.deb a677aab2f0058430af8de5dcd6d38d14 367322 net extra racoon_0.8.2+20140711-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBVWFvZvYw89L1q13TAQgylw/8DyJvjkp8bhlRTn2A69k8s9tXjROBU/OT 8x2bTJ6q7Hiuso6UA9R9rz0rJOyZyQSGHkiAVdYdmygsG3KENZf9Kz2TxdT5CoUS WLNtHBBQic49R7NE3VCnStxi/XzPdXgzRtce1PZeOM+AgN92K6HOcQXTdTFPs578 n+MlvZj/B0cXVQOB/1Lg6idnmzW72SoLCfqJVDgfujWg+Z2GagNANVjc3uHz+yCp /scK/RBZWNGzIiT9UuEXrApIvddkM2k73AaP4D5uBWL/5oMWSHoFlKMlu3Iw0t/J IxGHgvndWUMFVU+u7pkgMNm8SKsZqsVw8Tp8iVTVUqLFhwurJmOn6hMsgHUPud4E FvR5oIHjf0s7KUAsuFSIivqerh4AhFWAwfB1Tx8roL5En/t4UWOTt+Ql5fDR4/UC qMQn0fC/DWxvA5oI8tXmM2aDnn/WdFkbv5y2i9tDsHvWX7fWiBt/0Mu3TijrZxDs NqkZ9sIgJE/Tb6HZbd4bSfVcG2Sr/Ln5bSUAHPMs6TFM1IrDn30FIZVlyJuGQwL4 Wv9AsyOfYQWHkj9fdkJcU/j9H/U7gJo3Rt8DYf3C46OQ4wKGYI7MFKXmFVp8fOQY PqJurbxMVQqc4K05+aR/xJyU1uqr19ApBfKF0iB6rygzDwKsaRa6hHBWt8WGYRqB +w6vCRrh/LQ= =zEqS -----END PGP SIGNATURE-----
--- End Message ---
