Your message dated Fri, 02 Jun 2023 22:22:12 +0000 with message-id <e1q5d9w-007hp4...@fasolo.debian.org> and subject line Bug#1035542: fixed in libreswan 4.11-1 has caused the Debian Bug report #1035542, regarding libreswan: CVE-2023-30570: Incorrect aggressive mode interaction causes the pluto daemon to crash to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1035542: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035542 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: libreswan Version: 4.10-2 Severity: important Tags: security upstream Forwarded: https://github.com/libreswan/libreswan/issues/1039 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Hi, The following vulnerability was published for libreswan. CVE-2023-30570[0]: | Incorrect aggressive mode interaction causes the pluto daemon to | crash If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-30570 https://www.cve.org/CVERecord?id=CVE-2023-30570 [1] https://github.com/libreswan/libreswan/issues/1039 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: libreswan Source-Version: 4.11-1 Done: Daniel Kahn Gillmor <d...@fifthhorseman.net> We believe that the bug you reported is fixed in the latest version of libreswan, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1035...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Daniel Kahn Gillmor <d...@fifthhorseman.net> (supplier of updated libreswan package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 02 Jun 2023 17:53:00 -0400 Source: libreswan Architecture: source Version: 4.11-1 Distribution: unstable Urgency: medium Maintainer: Daniel Kahn Gillmor <d...@fifthhorseman.net> Changed-By: Daniel Kahn Gillmor <d...@fifthhorseman.net> Closes: 1035542 Changes: libreswan (4.11-1) unstable; urgency=medium . * New upstream version - fixes CVE-2023-30570 (Closes: #1035542) Checksums-Sha1: 62267893a5e960e8d9e72d44bf6168198a5c228e 2028 libreswan_4.11-1.dsc d0ae16c8d96928be8865bd6c066e0e3922d25ee0 3711304 libreswan_4.11.orig.tar.gz a3ef5531fc8f709bab2147dcd51247c9333bff8c 862 libreswan_4.11.orig.tar.gz.asc e505b0c50d39c3c1488c0b4368292d9fdf92f410 15932 libreswan_4.11-1.debian.tar.xz 70bf9d544ce4acc2bd2893469c077871499c301e 11187 libreswan_4.11-1_amd64.buildinfo Checksums-Sha256: 3317a848b085a66a4263a69836527521172266427343254435f01984e9498b43 2028 libreswan_4.11-1.dsc 429a917fe4a55260f152cfb3188a587e5b12e94a14e240ac125319ff14b8c83d 3711304 libreswan_4.11.orig.tar.gz ea82e85c96d5838033d70d331f7644dd125e994cef66dd21d28a0481b91deb18 862 libreswan_4.11.orig.tar.gz.asc 04422a32e9dcea17bd2765f7c20c5a4eb9ab6e289baeb17081f4e9a410d4e27c 15932 libreswan_4.11-1.debian.tar.xz af2b6e4f3f973e9d5bb3f04704633506b3365caac1babc685ce5ccf580dfa2b0 11187 libreswan_4.11-1_amd64.buildinfo Files: 0ba635a448a866493d237072caf5b605 2028 net optional libreswan_4.11-1.dsc 1dc16f224c1664ae84574adede2d9507 3711304 net optional libreswan_4.11.orig.tar.gz efe269028801c5536172d11fc022ff43 862 net optional libreswan_4.11.orig.tar.gz.asc 5c59d76cd47d94f35358b6b5afbd63ab 15932 net optional libreswan_4.11-1.debian.tar.xz 7a9914091ee61c6af0039bafd0a56852 11187 net optional libreswan_4.11-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQQttUkcnfDcj0MoY88+nXFzcd5WXAUCZHpnwwAKCRA+nXFzcd5W XMRqAQDN5rRa2xFY+YMMt9kMUh1JK17qC7jpHVZFF/4SHGn9WQEA2t+l9BAPJG2N ge/3ELkzylMUKbqDAUwVQLyLwn21BwU= =QQ5c -----END PGP SIGNATURE-----
--- End Message ---
