[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: CVE request for unfixed CVE-2013-6466 in openswan-2.6.40
From:       cve-assign () mitre ! org
Date:       2014-02-20 5:15:11
Message-ID: 201402200515.s1K5FBrk013119 () linus ! mitre ! org
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> openswan-2.6.40 (released Feb 14) was supposed to address
> CVE-2013-6466 (which also affected libreswan as per CVE-2013-6467) but
> the fix is incomplete and openswan can still crashed using mangled or
> missing IKEv2 payloads.

Use CVE-2014-2037.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTBY7oAAoJEKllVAevmvmsWv4IAMg8NTfLA7HMt7U2ADHuVLpX
htKO2JV7dXuFgiHj6WCjs5DCIlVALDLFqjbqC0MjDFEX/NPRuMxq+C+yYIurq+mS
YXsIZqsJaPm5sX4aJ1KlFlt1eWpPjdpBicaxE5g83kc38Cip0DxER0ZSPuPt8+o7
302LY4lIkRLbTcrNCGjJjatj1VVskaWqMDTZSzS4tqIuBmGBUjaEBr+3BDHy6k4q
6hUMzpIf/slDG9d+NUTxu2tx1tcuPRvHC8R22W6MVd/zKegYcNfGpczBe0upRpz3
1UkzZCKN5Zo7TuOKSByV82QGp7md/HBuL+Jmvw3ZQB0tr0MgvoOC2r3i5iYGtU8=
=X4Ym
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]