[ubuntu/trusty-proposed] strongswan 5.1.2-0ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Apr 14 21:08:14 UTC 2014
strongswan (5.1.2-0ubuntu2) trusty; urgency=medium
* SECURITY UPDATE: remote authentication bypass
- debian/patches/CVE-2014-2338.patch: reject CREATE_CHILD_SA exchange
on unestablished IKE_SAs in src/libcharon/sa/ikev2/task_manager_v2.c.
- CVE-2014-2338
Date: Mon, 14 Apr 2014 11:24:34 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/strongswan/5.1.2-0ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 14 Apr 2014 11:24:34 -0400
Source: strongswan
Binary: strongswan libstrongswan strongswan-dbg strongswan-starter strongswan-ike strongswan-nm strongswan-plugin-af-alg strongswan-plugin-agent strongswan-plugin-attr-sql strongswan-plugin-certexpire strongswan-plugin-coupling strongswan-plugin-curl strongswan-plugin-dhcp strongswan-plugin-dnscert strongswan-plugin-dnskey strongswan-plugin-duplicheck strongswan-plugin-eap-aka strongswan-plugin-eap-aka-3gpp2 strongswan-plugin-eap-dynamic strongswan-plugin-eap-gtc strongswan-plugin-eap-md5 strongswan-plugin-eap-mschapv2 strongswan-plugin-eap-peap strongswan-plugin-eap-radius strongswan-plugin-eap-sim strongswan-plugin-eap-sim-file strongswan-plugin-eap-sim-pcsc strongswan-plugin-eap-simaka-pseudonym strongswan-plugin-eap-simaka-reauth strongswan-plugin-eap-simaka-sql strongswan-plugin-eap-tls strongswan-plugin-eap-tnc strongswan-plugin-eap-ttls strongswan-plugin-error-notify strongswan-plugin-farp strongswan-plugin-fips-prf strongswan-plugin-gcrypt strongswan-plugin-gmp
strongswan-plugin-ipseckey strongswan-plugin-kernel-libipsec strongswan-plugin-ldap strongswan-plugin-led strongswan-plugin-load-tester strongswan-plugin-lookip strongswan-plugin-mysql strongswan-plugin-ntru strongswan-plugin-openssl strongswan-plugin-pgp strongswan-plugin-pkcs11 strongswan-plugin-pubkey strongswan-plugin-radattr strongswan-plugin-sql strongswan-plugin-sqlite strongswan-plugin-soup strongswan-plugin-sshkey strongswan-plugin-systime-fix strongswan-plugin-unbound strongswan-plugin-unity strongswan-plugin-whitelist strongswan-plugin-xauth-eap strongswan-plugin-xauth-generic strongswan-plugin-xauth-noauth strongswan-plugin-xauth-pam strongswan-pt-tls-client strongswan-tnc-ifmap strongswan-tnc-base strongswan-tnc-client strongswan-tnc-server strongswan-tnc-pdp strongswan-ikev1
strongswan-ikev2
Architecture: source
Version: 5.1.2-0ubuntu2
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libstrongswan - strongSwan utility and crypto library
strongswan - IPsec VPN solution metapackage
strongswan-dbg - strongSwan library and binaries - debugging symbols
strongswan-ike - strongSwan Internet Key Exchange (v2) daemon
strongswan-ikev1 - strongswan IKEv1 daemon, transitional package
strongswan-ikev2 - strongswan IKEv2 daemon, transitional package
strongswan-nm - strongSwan charon for interaction with NetworkManager
strongswan-plugin-af-alg - strongSwan plugin for AF_ALG Linux crypto API interface
strongswan-plugin-agent - strongSwan plugin for accessing private keys via ssh-agent
strongswan-plugin-attr-sql - strongSwan plugin for providing IKE attributes from databases
strongswan-plugin-certexpire - strongSwan plugin for exporting expiration dates of certificates
strongswan-plugin-coupling - strongSwan plugin for permanent peer certificate coupling
strongswan-plugin-curl - strongSwan plugin for the libcurl based HTTP/FTP fetcher
strongswan-plugin-dhcp - strongSwan plugin for forwarding DHCP request to a server
strongswan-plugin-dnscert - strongSwan plugin for authentication via CERT RRs
strongswan-plugin-dnskey - strongSwan plugin for parsing RFC 4034 public keys
strongswan-plugin-duplicheck - strongSwan plugin for duplicheck functionality
strongswan-plugin-eap-aka - strongSwan plugin for generic EAP-AKA protocol handling
strongswan-plugin-eap-aka-3gpp2 - strongSwan plugin for the 3GPP2-based EAP-AKA backend
strongswan-plugin-eap-dynamic - strongSwan plugin for dynamic EAP method selection
strongswan-plugin-eap-gtc - strongSwan plugin for EAP-GTC protocol handler
strongswan-plugin-eap-md5 - strongSwan plugin for EAP-MD5 protocol handler
strongswan-plugin-eap-mschapv2 - strongSwan plugin for EAP-MSCHAPv2 protocol handler
strongswan-plugin-eap-peap - strongSwan plugin for EAP-PEAP protocol handler
strongswan-plugin-eap-radius - strongSwan plugin for EAP interface to a RADIUS server
strongswan-plugin-eap-sim - strongSwan plugin for generic EAP-SIM protocol handling
strongswan-plugin-eap-sim-file - strongSwan plugin for EAP-SIM credentials from files
strongswan-plugin-eap-sim-pcsc - strongSwan plugin for EAP-SIM credentials on smartcards
strongswan-plugin-eap-simaka-pseudonym - strongSwan plugin for the EAP-SIM/AKA identity database
strongswan-plugin-eap-simaka-reauth - strongSwan plugin for the EAP-SIM/AKA reauthentication database
strongswan-plugin-eap-simaka-sql - strongSwan plugin for SQL-based EAP-SIM/AKA backend reading
strongswan-plugin-eap-tls - strongSwan plugin for the EAP-TLS protocol handler
strongswan-plugin-eap-tnc - strongSwan plugin for the EAP-TNC protocol handler
strongswan-plugin-eap-ttls - strongSwan plugin for the EAP-TTLS protocol handler
strongswan-plugin-error-notify - strongSwan plugin for error notifications
strongswan-plugin-farp - strongSwan plugin for faking ARP responses
strongswan-plugin-fips-prf - strongSwan plugin for PRF specified by FIPS
strongswan-plugin-gcrypt - strongSwan plugin for gcrypt
strongswan-plugin-gmp - strongSwan plugin for libgmp based crypto
strongswan-plugin-ipseckey - strongSwan plugin for authentication via IPSECKEY RRs
strongswan-plugin-kernel-libipsec - strongSwan plugin for a IPsec backend that entirely in userland
strongswan-plugin-ldap - strongSwan plugin for LDAP CRL fetching
strongswan-plugin-led - strongSwan plugin for LEDs blinking on IKE activity
strongswan-plugin-load-tester - strongSwan plugin for load testing
strongswan-plugin-lookip - strongSwan plugin for lookip interface
strongswan-plugin-mysql - strongSwan plugin for MySQL
strongswan-plugin-ntru - strongSwan plugin for NTRU crypto
strongswan-plugin-openssl - strongSwan plugin for OpenSSL
strongswan-plugin-pgp - strongSwan plugin for PGP encoding/decoding routines
strongswan-plugin-pkcs11 - strongSwan plugin for PKCS#11 smartcard backend
strongswan-plugin-pubkey - strongSwan plugin for raw public keys
strongswan-plugin-radattr - strongSwan plugin for custom RADIUS attribute processing
strongswan-plugin-soup - strongSwan plugin for the libsoup based HTTP fetcher
strongswan-plugin-sql - strongSwan plugin for SQL configuration and credentials
strongswan-plugin-sqlite - strongSwan plugin for SQLite
strongswan-plugin-sshkey - strongSwan plugin for SSH key decoding routines
strongswan-plugin-systime-fix - strongSwan plugin for system time fixing
strongswan-plugin-unbound - strongSwan plugin for DNSSEC-enabled resolver using libunbound
strongswan-plugin-unity - strongSwan plugin for IKEv1 Cisco Unity Extensions
strongswan-plugin-whitelist - strongSwan plugin for peer-verification against a whitelist
strongswan-plugin-xauth-eap - strongSwan plugin for XAuth backend using EAP methods
strongswan-plugin-xauth-generic - strongSwan plugin for the generic XAuth backend
strongswan-plugin-xauth-noauth - strongSwan plugin for the generic XAuth backend
strongswan-plugin-xauth-pam - strongSwan plugin for XAuth backend using PAM
strongswan-pt-tls-client - strongSwan TLS-based Posture Transport (PT) protocol client
strongswan-starter - strongSwan daemon starter and configuration file parser
strongswan-tnc-base - strongSwan Trusted Network Connect's (TNC) - base files
strongswan-tnc-client - strongSwan Trusted Network Connect's (TNC) - client files
strongswan-tnc-ifmap - strongSwan plugin for Trusted Network Connect's (TNC) IF-MAP clie
strongswan-tnc-pdp - strongSwan plugin for Trusted Network Connect's (TNC) PDP
strongswan-tnc-server - strongSwan Trusted Network Connect's (TNC) - server files
Changes:
strongswan (5.1.2-0ubuntu2) trusty; urgency=medium
.
* SECURITY UPDATE: remote authentication bypass
- debian/patches/CVE-2014-2338.patch: reject CREATE_CHILD_SA exchange
on unestablished IKE_SAs in src/libcharon/sa/ikev2/task_manager_v2.c.
- CVE-2014-2338
Checksums-Sha1:
804c1fa981006ba94eb6db06d7741acc5a004c5b 7484 strongswan_5.1.2-0ubuntu2.dsc
8d4ad4d8aa7b7b2f437d4f563d315eb1253ea33d 162357 strongswan_5.1.2-0ubuntu2.debian.tar.gz
Checksums-Sha256:
3870a37ebe50ec43222a51f1ccd4eb70470be3d0a2900cacafefd819ac0a2c5c 7484 strongswan_5.1.2-0ubuntu2.dsc
777410a054e3e198b82a5e4bdc2e7a38745008d1e2cda50f6d8a198067a85c7a 162357 strongswan_5.1.2-0ubuntu2.debian.tar.gz
Files:
19ae64a8a8a6d0fc9b1e537f24c26b67 7484 net optional strongswan_5.1.2-0ubuntu2.dsc
10075da01657c0e99c9d2d3bca0babd7 162357 net optional strongswan_5.1.2-0ubuntu2.debian.tar.gz
Original-Maintainer: strongSwan Maintainers <pkg-swan-devel at lists.alioth.debian.org>
More information about the Trusty-changes
mailing list