libreswan-3.15-8.0.1.el7.AXS7
Errata ID: AXSA:2016-1148:01
Release date:
2016/12/05 Monday - 12:10
Title:
libreswan-3.15-8.0.1.el7.AXS7
Affected channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
The following issue has been addressed.
[Security Fix]
- programs/pluto/ikev1.c in libreswan retransmits in initial-responder
states, which allows remote attackers to cause a denial of service
(traffic amplification) via a spoofed UDP packet.
(CVE-2016-5361)
Some of the CVE translations are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the package.
CVE:
CVE-2016-5361
programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from the libreswan vendor; as of 2016-06-10, it is expected that several other IKEv1 implementations will have vendor-required security updates, with separate CVE IDs assigned to each.
Additional information:
N/A
Download:
SRPMS
- libreswan-3.15-8.0.1.el7.AXS7.src.rpm
MD5: 9fe9b058c82cefd96f96c8f213a78a35
SHA-256: 0f7e158ede0996e085749b1c2a64ae4205a52791e891399740bdf6330c3c79b2
Size: 17.82 MB
Asianux Server 7 for x86_64
- libreswan-3.15-8.0.1.el7.AXS7.x86_64.rpm
MD5: 4e073715688bb0369d5d7c1e27d41119
SHA-256: 516c07e313373972bb5f0faeb94a6cc48f3e836bc8f7235fec17f8123b7aef7c
Size: 1.24 MB