Security: Denial of Service in libreswan
Name: Denial of Service in libreswan
ID: FEDORA-2013-23250
Distribution: Fedora
Platforms: Fedora 20
Date: Mon, 23 December 2013, 08:21
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4564
Applications: libreswan


Name        : libreswan
Product : Fedora 20
Version : 3.7
Release : 1.fc20
URL : https://www.libreswan.org/
Summary : IPsec implementation with IKEv1 and IKEv2 keying protocols
Description :
Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services. These services allow you
to build secure tunnels through untrusted networks. Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel. The resulting
tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
Libreswan. To build KLIPS, see the kmod-libreswan.spec file.

Libreswan also supports IKEv2 (RFC4309) and Secure Labeling

Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04

Update Information:

Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM

* Wed Dec 11 2013 Paul Wouters <pwouters@redhat.com> - 3.7-1
- Updated to 3.7, fixes CVE-2013-4564

[ 1 ] Bug #1031830 - CVE-2013-4564 libreswan: DoS due to how mangled IKE
packets are handled

This update can be installed with the "yum" update program. Use
su -c 'yum update libreswan' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at