[ MDVSA-2008:181 ] ipsec-tools
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:181
http://www.mandriva.com/security/
_______________________________________________________________________
Package : ipsec-tools
Date : August 28, 2008
Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0,
Multi Network Firewall 2.0
_______________________________________________________________________
Problem Description:
Two denial of service vulnerabilities were discovered in the
ipsec-tools racoon daemon, which could allow a remote attacker to cause
it to consume all available memory (CVE-2008-3651, CVE-2008-3652).
The updated packages have been patched to prevent these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
e3a12410fab45488a49034076c096a12
2007.1/i586/ipsec-tools-0.6.6-2.2mdv2007.1.i586.rpm
eeb78f3ca87a91c05c69f39c13119899
2007.1/i586/libipsec0-0.6.6-2.2mdv2007.1.i586.rpm
e2014baecdcc1243e1711bb3bc4330bf
2007.1/i586/libipsec0-devel-0.6.6-2.2mdv2007.1.i586.rpm
255d8527872be4d72bbbac8be7866683
2007.1/SRPMS/ipsec-tools-0.6.6-2.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
cab88fba0361f7ad10d92fe4a0bcf5cf
2007.1/x86_64/ipsec-tools-0.6.6-2.2mdv2007.1.x86_64.rpm
ce73d466b05959f8432546fcc2154bdd
2007.1/x86_64/lib64ipsec0-0.6.6-2.2mdv2007.1.x86_64.rpm
7a29d409c432f251e58829479bb30c44
2007.1/x86_64/lib64ipsec0-devel-0.6.6-2.2mdv2007.1.x86_64.rpm
255d8527872be4d72bbbac8be7866683
2007.1/SRPMS/ipsec-tools-0.6.6-2.2mdv2007.1.src.rpm
Mandriva Linux 2008.0:
f969998276a204a0f102183746004665
2008.0/i586/ipsec-tools-0.6.7-1.1mdv2008.0.i586.rpm
7c16efad4b9bce8cf1ba6f3457cc58f6
2008.0/i586/libipsec0-0.6.7-1.1mdv2008.0.i586.rpm
23da7349d57158b08d2673d57d53fc50
2008.0/i586/libipsec0-devel-0.6.7-1.1mdv2008.0.i586.rpm
ef1478d445cbf1b5f80f776ec7d7752c
2008.0/SRPMS/ipsec-tools-0.6.7-1.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
cbeb6df9cbf7c62d235d6408ad25b1a9
2008.0/x86_64/ipsec-tools-0.6.7-1.1mdv2008.0.x86_64.rpm
b04fcb7ccbd32e801d41c4d83a7a57d9
2008.0/x86_64/lib64ipsec0-0.6.7-1.1mdv2008.0.x86_64.rpm
6f813c88f3990506069e459957bc43d7
2008.0/x86_64/lib64ipsec0-devel-0.6.7-1.1mdv2008.0.x86_64.rpm
ef1478d445cbf1b5f80f776ec7d7752c
2008.0/SRPMS/ipsec-tools-0.6.7-1.1mdv2008.0.src.rpm
Mandriva Linux 2008.1:
3be558f00238da24b450c34534914845
2008.1/i586/ipsec-tools-0.7-1.1mdv2008.1.i586.rpm
582922de31e7c3549337c68ccd948a94
2008.1/i586/libipsec0-0.7-1.1mdv2008.1.i586.rpm
55aa0129f04bfa0b3fd79eeb40e0e76f
2008.1/i586/libipsec-devel-0.7-1.1mdv2008.1.i586.rpm
36a949ae25bcdc895ba024450f910d9a
2008.1/SRPMS/ipsec-tools-0.7-1.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
ca6754c65ae12d91cc9eba32009ea6a9
2008.1/x86_64/ipsec-tools-0.7-1.1mdv2008.1.x86_64.rpm
e74682fd89ee6649d41e03c5135faebe
2008.1/x86_64/lib64ipsec0-0.7-1.1mdv2008.1.x86_64.rpm
55d777ad6fe96f53fa6ca436b5921580
2008.1/x86_64/lib64ipsec-devel-0.7-1.1mdv2008.1.x86_64.rpm
36a949ae25bcdc895ba024450f910d9a
2008.1/SRPMS/ipsec-tools-0.7-1.1mdv2008.1.src.rpm
Corporate 4.0:
c5146f5b46e8386687a1b37fe0dc29f9
corporate/4.0/i586/ipsec-tools-0.6.5-2.2.20060mlcs4.i586.rpm
9c25c57f06839afbf55dd31547000721
corporate/4.0/i586/libipsec0-0.6.5-2.2.20060mlcs4.i586.rpm
a565fab7f9c3ef0d48ced13bd9c84500
corporate/4.0/i586/libipsec0-devel-0.6.5-2.2.20060mlcs4.i586.rpm
87221b03544e9e9cb10491e8504813b0
corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
a1ee7dd60a3ea3471b5de7a8ab875735
corporate/4.0/x86_64/ipsec-tools-0.6.5-2.2.20060mlcs4.x86_64.rpm
93ac29406969dfbcccd77858c3edb553
corporate/4.0/x86_64/lib64ipsec0-0.6.5-2.2.20060mlcs4.x86_64.rpm
268e50439113279ce14068f54d0895a8
corporate/4.0/x86_64/lib64ipsec0-devel-0.6.5-2.2.20060mlcs4.x86_64.rpm
87221b03544e9e9cb10491e8504813b0
corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.2.20060mlcs4.src.rpm
Multi Network Firewall 2.0:
656584e7399fcf363ea0462e51df9baa
mnf/2.0/i586/ipsec-tools-0.2.5-0.6.M20mdk.i586.rpm
c4ffd9b8ed40fd575eac7828af27ef63
mnf/2.0/i586/libipsec-tools0-0.2.5-0.6.M20mdk.i586.rpm
eb56a9bdcfbddbf8b4ff37fcb9bd9b45
mnf/2.0/SRPMS/ipsec-tools-0.2.5-0.6.M20mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIt1fpmqjQ0CJFipgRAnLxAKCwcBv4uUfBqHf3c3GFk93ZUU6iJACaAh1W
fljCV5e/DYk2CYPPH73/pD4=
=Akis
-----END PGP SIGNATURE-----