it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5368-1] libreswan security update
- Date: Fri, 03 Mar 2023 19:58:43 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
- List-archive: https://lists.debian.org/msgid-search/E1pYBYB-003I4s-J2 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=BnOIHlpMIlAAfP4QA3UH7fyKoPm5K3nglO59arjqnSs=; b=nS dkN37C8uEPk5Sv5fXA8STuUbQBDsaIddKO+BmH1A96Ff5uAlZDNgASVXyaMCMvhp7we+z/ctn9qKJ LQIIeXGQBGUkkZz1GS3cmrmeEo4DXudYwVE/umAvzU/XSl/IDYTx80heJS+zjhEdBqPVKUBy3lKnY P313UFO7uCwr3CGf8OPQTi/pBUBzP1uvvvwXVxleWvyK2L5VCPqF/e0zGBilDa4w+va8jP/2cd8ty WoOXBK4EoLlgpK8VERhpSKNoTmgstQsux7wCBFexuzYKEwtBdyxPcVQlCWJlQZmltZgz6azIVJrqU FMQz4blp96d3pu1p3by63r8vCsCJcmnw==;
- Old-return-path: <carnil AT seger.debian.org>
- Priority: urgent
- Resent-date: Fri, 3 Mar 2023 19:59:10 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <ErDFIJRoptE.A.XfG.OGlAkB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5368-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
March 03, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : libreswan
CVE ID : CVE-2023-23009
Debian Bug : 1031821
It was discovered that the libreswan IPsec implementation could be
forced into a crash/restart via malformed IKEv2 packets after peer
authentication, resulting in denial of service.
For the stable distribution (bullseye), this problem has been fixed in
version 4.3-1+deb11u3.
We recommend that you upgrade your libreswan packages.
For the detailed security status of libreswan please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/libreswan
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmQCUIxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0R+XA/8C9tcRpaDWv6IsxJam+6YPviUXdUGQ6NgJOSxes7NHjl4mdYbJm/xUrm/
nM4C272cHbhfd/RJf/TqZM+aPvJ6ohcq6OfgVQlef7ys92RDPrpyOq0jVyWzHI6O
/CsRRMehgQD68Q5RAUe9CFxGDZ2YfI/+sEyts6bh0h4TStZbWWYSVO/ZhQvrLRbH
evGBoHX6qNRu8PYTlkgDeBmDpHAuHE6s5IlTwldaFSZlxMI2DycRBEF7ZiqKPXGl
gcn5gX0qQbfZOD9AlKEr5dlvMLQYE4AHWIgh35clwr7Nm/BqXP4QXGvMu4Of+djc
u+z+OIRhJqgVOJ3+cYYu4NN6wwGs6ZJgKtYxEYRRepUo0/fomM4YDZery3LgaCA4
HdbeW4oMbQm1az1VjwQBaOk1O0kKcA3Po87PRQCNSyZnus7f5IflT5G75tZn4HyU
s54iYoo6jT3lZ1zS9STupO8TdmWdEQpo6RCoIh8h4b89/+Uv4g6LlvFilyT+cf7H
ZVC4sEJ8VW/eSg9PwNfcYWlEAzJeVZccUPatLLe6bKf6Hi4c9JTcnlITpExtd4qn
4C4+5glzy910OGHjKXS2ljJCgVi+A9ch7Bndi7y07apYwh+yavbvppCbC6h5PauE
PIPc4ElQHa7cTOUjIAj4M9fD1JtK0BSwQ17hAwDCRa8PYRmWAJ4=
=S2f1
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5368-1] libreswan security update, Salvatore Bonaccorso, 03.03.2023
Archiv bereitgestellt durch MHonArc 2.6.24.