20527 2009-06-21 23:07:24 +0400 CVE-2009-2185 DoS vulnerability in the ASN.1 parser 2009-06-25 09:27:01 +0400 1 1 4 Development Sisyphus strongswan unstable all Linux CLOSED FIXED http://download.strongswan.org/CHANGES42.txt security P3 blocker --- 1 crux mike mike oddity week qa-sisyphus oldest_to_newest 93436 0 crux 2009-06-21 23:07:24 +0400 Applying their fuzzing tool, the Orange Labs vulnerability research team found a Denial-of-Service vulnerability in the parsing of ASN.1 Relative Distinguished Names (RDNs). Malformed X.509 certificate RDNs can cause the pluto and charon IKE daemons to crash and restart. Fix availiable in the new version 4.2.16 93577 1 mike 2009-06-23 20:10:50 +0400 arbeiten 93617 2 repository-robot 2009-06-24 13:48:06 +0400 strongswan-4.2.16-alt1 -> sisyphus: * Tue Jun 23 2009 Michael Shigorin <mike@altlinux> 4.2.16-alt1 - 4.2.16 fixes DoS vulnerability in the ASN.1 parser; thanks crux@ for notification (closes: #20527) 93686 3 crux 2009-06-25 09:27:01 +0400 closed