[SECURITY] [DSA 5368-1] libreswan security update

Liste des GroupesRevenir à lda security 
Sujet : [SECURITY] [DSA 5368-1] libreswan security update
De : carnil (at) *nospam* debian.org (Salvatore Bonaccorso)
Groupes : linux.debian.announce.security
Date : 03. Mar 2023, 22:00:01
Autres entêtes
Organisation : linux.* mail to news gateway
Message-ID : <G5jJn-9QPT-3@gated-at.bofh.it>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5368-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
March 03, 2023                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libreswan
CVE ID         : CVE-2023-23009
Debian Bug     : 1031821

It was discovered that the libreswan IPsec implementation could be
forced into a crash/restart via malformed IKEv2 packets after peer
authentication, resulting in denial of service.

For the stable distribution (bullseye), this problem has been fixed in
version 4.3-1+deb11u3.

We recommend that you upgrade your libreswan packages.

For the detailed security status of libreswan please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/libreswan

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmQCUIxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0R+XA/8C9tcRpaDWv6IsxJam+6YPviUXdUGQ6NgJOSxes7NHjl4mdYbJm/xUrm/
nM4C272cHbhfd/RJf/TqZM+aPvJ6ohcq6OfgVQlef7ys92RDPrpyOq0jVyWzHI6O
/CsRRMehgQD68Q5RAUe9CFxGDZ2YfI/+sEyts6bh0h4TStZbWWYSVO/ZhQvrLRbH
evGBoHX6qNRu8PYTlkgDeBmDpHAuHE6s5IlTwldaFSZlxMI2DycRBEF7ZiqKPXGl
gcn5gX0qQbfZOD9AlKEr5dlvMLQYE4AHWIgh35clwr7Nm/BqXP4QXGvMu4Of+djc
u+z+OIRhJqgVOJ3+cYYu4NN6wwGs6ZJgKtYxEYRRepUo0/fomM4YDZery3LgaCA4
HdbeW4oMbQm1az1VjwQBaOk1O0kKcA3Po87PRQCNSyZnus7f5IflT5G75tZn4HyU
s54iYoo6jT3lZ1zS9STupO8TdmWdEQpo6RCoIh8h4b89/+Uv4g6LlvFilyT+cf7H
ZVC4sEJ8VW/eSg9PwNfcYWlEAzJeVZccUPatLLe6bKf6Hi4c9JTcnlITpExtd4qn
4C4+5glzy910OGHjKXS2ljJCgVi+A9ch7Bndi7y07apYwh+yavbvppCbC6h5PauE
PIPc4ElQHa7cTOUjIAj4M9fD1JtK0BSwQ17hAwDCRa8PYRmWAJ4=
=S2f1
-----END PGP SIGNATURE-----

Date Sujet#  Auteur
3 Mar 23 o [SECURITY] [DSA 5368-1] libreswan security update1Salvatore Bonaccorso

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal