openswan-2.6.32-20.0.1.AXS4
エラータID: AXSA:2013-445:01
リリース日:
2013/05/17 Friday - 11:57
題名:
openswan-2.6.32-20.0.1.AXS4
影響のあるチャネル:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2013-2053 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2013-2053
Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054.
Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code via crafted DNS TXT records. NOTE: this might be the same vulnerability as CVE-2013-2052 and CVE-2013-2054.
追加情報:
N/A
ダウンロード:
SRPMS
- openswan-2.6.32-20.0.1.AXS4.src.rpm
MD5: 8a64a1b7d2b8379dc6e7087c9c116a66
SHA-256: 29d6363bd1f66147b4ca16149eb9acb4103df45bbcbab9b016df6e510d956f5a
Size: 11.22 MB
Asianux Server 4 for x86
- openswan-2.6.32-20.0.1.AXS4.i686.rpm
MD5: 652032596bf252a606166a80007cf150
SHA-256: 26745b66667ab8c8baf7ce32cc4e1cc4ed0c21687f7bbb65e8e25eaf88fc3966
Size: 883.37 kB
Asianux Server 4 for x86_64
- openswan-2.6.32-20.0.1.AXS4.x86_64.rpm
MD5: be6eba1552c09b802e90d30f684ab0a6
SHA-256: a577a9720e00965c74629556ab01a93159f9c623fadd1418c2bef3bcb4c1c895
Size: 893.38 kB