lp:ubuntu/jaunty-security/ipsec-tools
- Get this branch:
- bzr branch lp:ubuntu/jaunty-security/ipsec-tools
Branch merges
Branch information
Recent revisions
- 19. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via fragmented packets without a
payload.
- src/racoon/isakmp_ frag.c: validate size of payload data.
- http://cvsweb. netbsd. org/bsdweb. cgi/src/ crypto/ dist/ipsec- tools/src/ racoon/ isakmp_ frag.c. diff?r1= 1.4&r2= 1.4.6.1& f=h
- CVE-2009-1574
* SECURITY UPDATE: denial of service via multiple memory leaks.
- src/racoon/crypto_ openssl. c: call X509_free().
- src/racoon/nattraversal. c: add new natt_keepalive_ delete( ) function
that also frees ka->src and ka->dst.
- http://cvsweb. netbsd. org/bsdweb. cgi/src/ crypto/ dist/ipsec- tools/src/ racoon/ crypto_ openssl. c.diff? r1=1.11. 6.4&r2= 1.11.6. 5&f=u
- http://cvsweb. netbsd. org/bsdweb. cgi/src/ crypto/ dist/ipsec- tools/src/ racoon/ nattraversal. c.diff? r1=1.6& r2=1.6. 6.1&f=u
- CVE-2009-1632 - 18. By Mathias Gug
-
* Merge from debian unstable, remaining changes:
- debian/control:
- Set Ubuntu maintainer address.
- Depend on lsb-base.
- debian/ipsec-tools. setkey. init:
- LSB init script.
* Dropped:
- debian/ipsec-tools. setkey. init:
- restart method: stop then start.
- Use {} instead of () in usage (bash_completion).
- debian/racoon.init:
- Create /var/run/racoon.
- Use {} instead of () in usage (bash_completion).
* Bug fixed by this merge:
- fix XAuth with U-FQDN (LP: #234166).
* Enable build with hardened options:
- src/libipsec/policy_ token.c: don't check return code of fwrite.
- src/setkey/setkey. c: stop scanning stdin if fgets fails. - 17. By Mathias Gug
-
* Merge from debian unstable, remaining changes:
- debian/control:
- Set Ubuntu maintainer address.
- Depend on lsb-base.
- debian/ipsec-tools. setkey. init:
- LSB init script.
- restart method: stop then start.
- Use {} instead of () in usage (bash_completion).
- debian/racoon.init:
- Create /var/run/racoon.
- Use {} instead of () in usage (bash_completion).
* Dropped:
- src/racoon/isakmp_ inf.c: upstream fix for unecrypted ISAKMP packets.
- src/racoon/grabmyaddr. c: Define IFA_RTA and #include <linux/if_addr.h>. - 14. By Kees Cook
-
* Merge from debian unstable, remaining changes:
- src/racoon/isakmp_ inf.c: upstream fix for unecrypted ISAKMP packets.
- src/racoon/grabmyaddr. c: Define IFA_RTA and #include <linux/if_addr.h>.
- debian/control: Set Ubuntu maintainer address.
- LSB init script.
- debian/racoon.init: Create /var/run/racoon. - 13. By Kees Cook
-
* SECURITY UPDATE: remote ipsec tunnel disruption.
* src/racoon/isakmp_ inf.c: upstream fix for unecrypted ISAKMP packets
causing tunnels to be disconnected.
* References
CVE-2007-1841 - 12. By Matthias Klose
-
* Rebuild for changes in the amd64 toolchain.
* Set Ubuntu maintainer address. - 11. By Martin Pitt
-
* Merge from debian unstable.
- LSB init script.
- debian/racoon.init: Create /var/run/racoon.
* src/racoon/grabmyaddr. c: Define IFA_RTA and #include <linux/if_addr.h>. - 10. By Martin Pitt
-
* Merge from Debian. Only changes left:
- LSB init script.
- debian/racoon.init: Create /var/run/racoon.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/ipsec-tools