Hi Rene
> Unfortunately, this doesn't apply as dpd code seems to have moved out of
> demux.c (I didn't find any of the patch context). Have you had contact with
> openswan upstream concerning this bug?
Isn't the vulnerable code in programs/pluto/ikev1.c?
Cheers
Steffen
--
To UNSUBSCRIBE, ema
On Tuesday 31 March 2009 01:55:46 Steffen Joeris wrote:
> I've attached the patch from stable-security, please consider including
> it for unstable/testing.
Unfortunately, this doesn't apply as dpd code seems to have moved out of
demux.c (I didn't find any of the patch context). Have you had conta
Package: openswan
Severity: grave
Tags: security
Hi
>From the DSA:
CVE-2009-0790
Gerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone
to a denial of service attack via a malicious packet.
I've attached the patch from stable-security, please consider including
it for unstable
3 matches
Mail list logo
