"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1898-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
October 02, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : openswan
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-2185
It was discovered that the pluto daemon in the openswan, an
implementation of IPSEC and IKE, could crash when processing a crafted
X.509 certificate.
For the old stable distribution (etch), this problem has been fixed in
version 2.4.6+dfsg.2-1.1+etch2.
For the stable distribution (lenny), this problem has been fixed in
version 2.4.12+dfsg-1.3+lenny2.
For the unstable distribution (sid), this problem has been fixed in
version 2.6.22+dfsg-1.
We recommend that you upgrade your openswan package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Source archives:
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2.orig.tar.gz
Size/MD5 checksum: 3555236 e5ef22979f8a67038f445746fdc7ff38
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2.diff.gz
Size/MD5 checksum: 91729 e7772358f397628f18f8590b2381a360
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2.dsc
Size/MD5 checksum: 879 3210a5ae193686c4f7fcd54c7855d720
Architecture independent packages:
http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.6+dfsg.2-1.1+etch2_all.deb
Size/MD5 checksum: 522838 0368797b593a98c90d6e06cbe6743413
http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.6+dfsg.2-1.1+etch2_all.deb
Size/MD5 checksum: 599200 1780b2e6a74358d4caf2bde57f3b8f17
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_alpha.deb
Size/MD5 checksum: 1798002 0c82e879ab4437375188a65edc88dc3c
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_amd64.deb
Size/MD5 checksum: 1675158 db6086977260bbb4bb122d1bab3d3af5
arm architecture (ARM)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_arm.deb
Size/MD5 checksum: 1718930 99c1b3db0733aa752802d3bac61dee5a
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_hppa.deb
Size/MD5 checksum: 1771158 7342b46f65862bee24eb47e6d19d3a33
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_i386.deb
Size/MD5 checksum: 1698718 4149cea4bc3176f5882e4c7f84eabf56
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_ia64.deb
Size/MD5 checksum: 1930186 e1026107147145804d91567013b23329
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_mips.deb
Size/MD5 checksum: 1692076 2b7f7d0c3bda2016453e91424c6a483a
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_mipsel.deb
Size/MD5 checksum: 1697442 5ab952bf26a3b392b5c9ef1406a24019
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_powerpc.deb
Size/MD5 checksum: 1667696 e84e9f2d87d6cf1b544e650867877c4e
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_s390.deb
Size/MD5 checksum: 1671262 7d9b4488c61b3261478e4598e2d1cbe9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.6+dfsg.2-1.1+etch2_sparc.deb
Size/MD5 checksum: 1689370 f00222a3310c2758204de6ded56cfa4b
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2.dsc
Size/MD5 checksum: 1315 2eb502ff966ff81e9da9930889f6199c
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg.orig.tar.gz
Size/MD5 checksum: 3765276 f753413e9c705dee9a23ab8db6c26ee4
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2.diff.gz
Size/MD5 checksum: 145354 d0ef8b06a64471210268de94f79bfcbe
Architecture independent packages:
http://security.debian.org/pool/updates/main/o/openswan/linux-patch-openswan_2.4.12+dfsg-1.3+lenny2_all.deb
Size/MD5 checksum: 613180 a589be2a64b1715d209f9c28a5654ea6
http://security.debian.org/pool/updates/main/o/openswan/openswan-modules-source_2.4.12+dfsg-1.3+lenny2_all.deb
Size/MD5 checksum: 537728 e0f72fde54078d6fc805fe27f1a4c688
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_alpha.deb
Size/MD5 checksum: 1825688 cecb628caabdc6848734f335e4b14813
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_amd64.deb
Size/MD5 checksum: 1767032 12f084adacc24ebe4f03c6106b6ecc11
arm architecture (ARM)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_arm.deb
Size/MD5 checksum: 1756446 b07bc1876b226a960afcf443cebdf868
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_armel.deb
Size/MD5 checksum: 1736620 d3f87f7a3756ab47bedeb23cbabc7c29
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_hppa.deb
Size/MD5 checksum: 1805586 c0d564fc0db6241a52bd5e20fadeecb9
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_i386.deb
Size/MD5 checksum: 1722564 6d6f09820c51c80105b83c5369b94815
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_ia64.deb
Size/MD5 checksum: 1964688 ccd9a5a84b6c9517f5cfa65aee91872d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_mips.deb
Size/MD5 checksum: 1703500 c1570749962f3d983ce6ab3589ed60ae
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_mipsel.deb
Size/MD5 checksum: 1710082 1c220e8c8244141f67ae46267ed89844
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_powerpc.deb
Size/MD5 checksum: 1710982 39f9f36c47954570d88c089ce23d7d32
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_s390.deb
Size/MD5 checksum: 1695204 d6b47d731eddfd3a443aea2c5e233147
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/o/openswan/openswan_2.4.12+dfsg-1.3+lenny2_sparc.deb
Size/MD5 checksum: 1717100 e0c7c8bab8e8da06ad88bfa47431b7b1
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJKxkYEAAoJEL97/wQC1SS+HRgH/jTSulB3tvuBrscF9OO7hCGg
NpEJ7h/T69lQyxUR+H1mgdVNjC9VNXtBkZ81y+RQdK7+Ja8pEoiNEJ7zMeONnkci
rk4ubabYjojZ/0+rSdXl8a6Z9F3gvQuHmvuN/FYAdH48Ln7sU0QPLKlGR9No9Wv3
8hfB5LBSDzSgDQCDJmc4ByZ0dIIBJ/T+Wnhy8GuAs/q9B5MgneHpOCdJjtA6JU53
/F6SQAC1mCGWXmBwZNQUDAOP25XTaPEeWZwDi0ZFmFOXSkcvv/2XM5IlthSywF/P
CFrWG/9cve02An516eMCYHjFXfA4TTzUuJ882oVcQVkgsFboRKIo8ccxmAe/+d4=
=gmpD
-----END PGP SIGNATURE-----
"
DSA 1856-1: New mantis packages fix information leakRihanna saved millions on new home
This entry was posted
on 1:41 PM
.
Archives
-
▼
2009
(488)
-
▼
October
(44)
- DSA 1915-1: New Linux 2.6.26 packages fix several ...
- RHSA-2009:1529-01 Moderate: samba security update
- USN-850-2: poppler regression
- GLSA 200910-03 Adobe Reader: Multiple vulnerabili...
- DSA 1919-1: New smarty packages fix several vulner...
- DSA 1917-1: New mimetex packages fix several vulne...
- DSA 1912-2: New advi packages fix arbitrary code e...
- GLSA 200910-02 Pidgin: Multiple vulnerabilities
- USN-850-1: poppler vulnerabilities
- RHSA-2009:1522-01 Moderate: kernel security and bu...
- RHSA-2009:1512-01 Important: kdegraphics security ...
- DSA 1912-1: New camlimages fix arbitrary code exec...
- DSA 1913-1: New bugzilla packages fix SQL injection
- DSA 1911-1: New pygresql packages provide secure e...
- RHSA-2009:1499-01 Critical: acroread security update
- RHSA-2009:1501-01 Important: xpdf security update
- USN-848-1: Zope vulnerabilities
- RHSA-2009:1503-01 Important: gpdf security update
- RHSA-2009:1505-01 Moderate: java-1.4.2-ibm securit...
- RHSA-2009:1504-01 Important: poppler security and ...
- DSA 1910-1: New mysql-ocaml packages provide secur...
- USN-849-1: libsndfile vulnerabilities
- RHSA-2009:1502-01 Important: kdegraphics security ...
- RHSA-2009:1513-01 Moderate: cups security update
- USN-847-1: Devscripts vulnerability
- DSA 1895-2: New opensaml2 and shibboleth-sp2 packa...
- DSA 1906-1: End-of-life announcement for clamav in...
- USN-846-1: ICU vulnerability
- USN-845-1: Pan vulnerability
- RHSA-2009:1484-01 Moderate: postgresql security up...
- USN-843-1: BackupPC vulnerability
- USN-842-1: Wget vulnerability
- USN-841-1: GLib vulnerability
- DSA 1902-1: New elinks packages fix arbitrary code...
- DSA 1899-1: New strongswan packages fix denial of ...
- DSA 1901-1: New mediawiki1.7 packages fix several ...
- RHSA-2009:1471-01 Important: elinks security update
- USN-839-1: Samba vulnerabilities
- DSA 1898-1: New openswan packages fix denial of se...
- RHSA-2009:1470-01 Moderate: openssh security update
- USN-838-1: Dovecot vulnerabilities
- RHSA-2009:1472-01 Moderate: xen security and bug f...
- RHSA-2009:1469-01 Important: kernel security update
- RHSA-2009:1455-01 Moderate: kernel security and bu...
-
▼
October
(44)