[Oraclevm-errata] OVMSA-2009-0010 Important: Oracle VM 2.1 ipsec-tools security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Wed May 27 11:41:52 PDT 2009
Oracle VM Security Advisory OVMSA-2009-0010
The following updated rpms for Oracle VM 2.1 have been uploaded to the
Unbreakable Linux Network:
i386:
ipsec-tools-0.6.5-13.el5_3.1.i386.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/SRPMS-updates/ipsec-tools-0.6.5-13.el5_3.1.src.rpm
Description of changes:
Following security fixes is released in this errata:
CVE-2009-1574 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574>
racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers
to cause a denial of service (crash) via crafted fragmented packets
without a payload, which triggers a NULL pointer dereference.
CVE-2009-1632 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632>
Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers
to cause a denial of service (memory consumption) via vectors involving
(1) signature verification during user authentication with X.509
certificates, related to the eay_check_x509sign function in
src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T)
keepalive implementation, related to src/racoon/nattraversal.c.
CVE-2008-3651 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651>
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools
before 0.7.1 allows remote authenticated users to cause a denial of
service (memory consumption) via invalid proposals.
CVE-2008-3652 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652>
src/racoon/handler.c in racoon in ipsec-tools does not remove an
"orphaned ph1" (phase 1) handle when it has been initiated remotely,
which allows remote attackers to cause a denial of service (resource
consumption).
[0.6.5-13.1]
- fix nul dereference in frag code and some memory leaks (#497990)
[0.6.5-13]
- also do not destroy ports in ph2 (#231604)
[0.6.5-12]
- improved fix for cleanup of IPSEC SAs in SADB (#231604)
[0.6.5-11]
- fix cleanup of IPSEC SAs in SADB (#231604)
- fix segfault in timer (#378551)
- handle new interfaces immediately (#247301)
- eliminate debug logging overhead when log level is lower (#248567)
- use the adminsock_path as specified on the command line (#247294)
- link only necessary libraries (#458631)
- make racoon PIE executable (#210023)
- fix for DoS through various memory leaks (CVE-2008-3651 #456660,
CVE-2008-3652 #458846)
[0.6.5-10]
- use the current kernel headers instead of the private copy (#446979)
[0.6.5-9]
- Resolves: rhbz#435803 - update pfkeyv2.h with new #defines
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.oracle.com/pipermail/oraclevm-errata/attachments/20090527/ed914709/attachment.html
More information about the Oraclevm-errata
mailing list