Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="206">
  <packager>jluce2</packager>
  <issue tracker="cve" id="CVE-2013-6075"></issue>
  <issue tracker="bnc" id="840826">L3: strongswan: charon does SEGFAULT when left=%any is used</issue>
  <issue tracker="bnc" id="847506">VUL-0: EMBARGOED: CVE-2013-6075: strongswan DoS and authorization bypass vulnerability via crafted ID payload</issue>
  <category>security</category>
  <rating>low</rating>
  <summary>update for strongswan</summary>
  <description>- Applied upstream fix for a denial-of-service and authorization
  bypass vulnerability via crafted ID payload in strongswan 4.3.3
  up to 5.1.0 (CVE-2013-6075, bnc#847506).
  [0007-strongswan-4.3.3_5.1.0-bnc-847506-CVE-2013-6075.patch]
- Added a recursion limit to get_route in netlink plugin to avoid
  a charon crash while trying to find a source address when local
  left is set to %any on newer kernels sorting the default route
  as first one (bnc#840826).
  [0006-strongswan-4.6.4-bnc-840826-recursion-limit.patch]
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places