Bug 20527

Summary: CVE-2009-2185 DoS vulnerability in the ASN.1 parser
Product: Sisyphus
Reporter: Vladimir Lettiev <crux>
Component: strongswan
Assignee: Michael Shigorin <mike>
Status: CLOSED FIXED
QA Contact: qa-sisyphus
Severity: blocker
Priority: P3
CC: mike, week
Version: unstable
Keywords: security
Hardware: all
OS: Linux
URL: http://download.strongswan.org/CHANGES42.txt

Description Vladimir Lettiev 2009-06-21 23:07:24 MSD
Applying their fuzzing tool, the Orange Labs vulnerability research team
found a Denial-of-Service vulnerability in the parsing of ASN.1 Relative
Distinguished Names (RDNs). Malformed X.509 certificate RDNs can cause
the pluto and charon IKE daemons to crash and restart.

Fix available in the new version 4.2.16
Comment 1 Michael Shigorin 2009-06-23 20:10:50 MSD
working on it
Comment 2 Repository Robot 2009-06-24 13:48:06 MSD
strongswan-4.2.16-alt1 -> sisyphus:

* Tue Jun 23 2009 Michael Shigorin <mike@altlinux> 4.2.16-alt1

- 4.2.16 fixes DoS vulnerability in the ASN.1 parser;
  thanks crux@ for notification (closes: #20527)
Comment 3 Vladimir Lettiev 2009-06-25 09:27:01 MSD
closed