Summary: | <net-misc/libreswan-3.17: DoS when receiving an IKE transform containing AES_XCBC | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Daniel M. Weeks <dan> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | floppym, pinkbyte |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | ~3 [noglsa cve] | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Daniel M. Weeks
2016-04-14 21:20:02 UTC
Correction, this does not affect the current version in the tree (3.15) but 3.16 should be skipped in favor of 3.17. See #578162. *** Bug 578162 has been marked as a duplicate of this bug. *** So... there's really nothing for me to do here? Vulnerable version never landed in the tree. Package was not stabilized back then either. |