Comment 1 Thierry Carrez (RETIRED) 2005-03-08 01:32:09 UTC

Created attachment 52903 [details, diff]
patch-isakmp.c

Patch from Yvan VANHULLEBUS.
Discovery credits go to Sebastian Krahmer (SuSE)

Comment 2 Thierry Carrez (RETIRED) 2005-03-14 07:34:45 UTC

Patch is now public @
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp.c?r1=1.32.2.1&r2=1.32.2.2
"Fixed a buffer underrun (CAN-2005-0398)"

latexer, plasmaroo: please bump ipsec-tools with patch.

Comment 3 Peter Johanson (RETIRED) 2005-03-14 11:09:37 UTC

Koon, I've just commited 0.4-r1 and 0.5-r1 with the changes. Since 0.4 has been in portage for a while, I suggest we target 0.4-r1 for stabalization in the next few days so we can have a stable fixed version.

Comment 4 Thierry Carrez (RETIRED) 2005-03-15 01:04:02 UTC

*** Bug 85307 has been marked as a duplicate of this bug. ***

Comment 5 Thierry Carrez (RETIRED) 2005-03-15 01:06:23 UTC

Arches, please test and mark ipsec-tools-0.4-r1 stable

Comment 6 Thierry Carrez (RETIRED) 2005-03-20 06:39:21 UTC

Kugelfang, plasmaroo, weeve: you marked it stable last time, do you think you can test and mark this one stable as well ?

Comment 7 Jan Brinkmann (RETIRED) 2005-03-20 07:07:23 UTC

stable on amd64

Comment 8 Jason Wever (RETIRED) 2005-03-20 08:53:42 UTC

SPARCtastic.

Comment 9 Thierry Carrez (RETIRED) 2005-03-23 06:52:23 UTC

x86/latexer/plasmaroo: please test and mark ipsec-tools-0.4-r1 stable on x86 if you can.

Comment 10 Peter Johanson (RETIRED) 2005-03-23 07:03:01 UTC

Marked stable on x86.

Comment 11 Thierry Carrez (RETIRED) 2005-03-23 07:21:18 UTC

Thx Peter
Security: GLSA vote needed, a vote YES

Comment 12 Sune Kloppenborg Jeppesen (RETIRED) 2005-03-23 08:04:11 UTC

Pre-authentication remote crash -> I vote YES.

Comment 13 Matthias Geerdsen (RETIRED) 2005-03-25 10:26:35 UTC

GLSA 200503-33

thanks everyone