| Summary: | openswan new security issue CVE-2013-2053 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | sysadmin-bugs, tmb |
| Version: | 3 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/550931/ | ||
| Whiteboard: | MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-32-ok mga3-64-ok | ||
| Source RPM: | openswan-2.6.28-4.mga3.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2013-05-16 19:43:29 CEST
David Walser
2013-05-16 19:44:00 CEST
Whiteboard:
(none) =>
MGA3TOO, MGA2TOO Patched packages uploaded for Mageia 2, Mageia 3, and Cauldron.
Advisory:
========================
Updated openswan packages fix security vulnerability:
A buffer overflow flaw was found in Openswan. If Opportunistic Encryption
were enabled ("oe=yes" in "/etc/ipsec.conf") and an RSA key configured, an
attacker able to cause a system to perform a DNS lookup for an
attacker-controlled domain containing malicious records (such as by sending
an email that triggers a DKIM or SPF DNS record lookup) could cause
Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary
code with root privileges. With "oe=yes" but no RSA key configured, the
issue can only be triggered by attackers on the local network who can
control the reverse DNS entry of the target system. Opportunistic
Encryption is disabled by default (CVE-2013-2053).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2053
https://rhn.redhat.com/errata/RHSA-2013-0827.html
========================
Updated packages in core/updates_testing:
========================
openswan-2.6.28-2.2.mga2
openswan-doc-2.6.28-2.2.mga2
openswan-2.6.28-5.mga3
openswan-doc-2.6.28-5.mga3
from Source RPMs:
openswan-2.6.28-2.2.mga2.src.rpm
openswan-2.6.28-5.mga3.src.rpmVersion:
Cauldron =>
3 Assigning to QA.
Advisory:
========================
Updated openswan packages fix security vulnerability:
A buffer overflow flaw was found in Openswan. If Opportunistic Encryption
were enabled ("oe=yes" in "/etc/ipsec.conf") and an RSA key configured, an
attacker able to cause a system to perform a DNS lookup for an
attacker-controlled domain containing malicious records (such as by sending
an email that triggers a DKIM or SPF DNS record lookup) could cause
Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary
code with root privileges. With "oe=yes" but no RSA key configured, the
issue can only be triggered by attackers on the local network who can
control the reverse DNS entry of the target system. Opportunistic
Encryption is disabled by default (CVE-2013-2053).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2053
https://rhn.redhat.com/errata/RHSA-2013-0827.html
========================
Updated packages in core/updates_testing:
========================
openswan-2.6.28-2.2.mga2
openswan-doc-2.6.28-2.2.mga2
openswan-2.6.28-5.mga3
openswan-doc-2.6.28-5.mga3
from Source RPMs:
openswan-2.6.28-2.2.mga2.src.rpm
openswan-2.6.28-5.mga3.src.rpmAssignee:
bugsquad =>
qa-bugs Procedure: https://bugs.mageia.org/show_bug.cgi?id=7095#c7 Whiteboard:
MGA2TOO =>
MGA2TOO has_procedure Testing complete mga3 64 & 32, mga2 64 & 32 Note that this still redirects to chkconfig on mga3 Validating Advisory & srpms in comment 1 Could sysadmin please push from core/updates_testing to core/updates for mga2 & 3 Thanks! Keywords:
(none) =>
validated_update Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0157 Status:
NEW =>
RESOLVED |