From security@linux-mandrake.com Wed Jul 14 22:19:29 2004 From: Mandrake Linux Security Team To: full-disclosure@lists.netsys.com Date: 14 Jul 2004 23:41:51 -0000 Subject: [Full-Disclosure] MDKSA-2004:070 - Updated freeswan and super-freeswan packages fix certificate chain authentication vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandrakelinux Security Update Advisory _______________________________________________________________________ Package name: freeswan Advisory ID: MDKSA-2004:070 Date: July 14th, 2004 Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1, Multi Network Firewall 8.2 ______________________________________________________________________ Problem Description: Thomas Walpuski discovered a vulnerability in the X.509 handling of super-freeswan, openswan, strongSwan, and FreeS/WAN with the X.509 patch applied. This vulnerability allows an attacker to make up their own Certificate Authority that can allow them to impersonate the identity of a valid DN. As well, another hole exists in the CA checking code that could create an endless loop in certain instances. Mandrakesoft encourages all users who use FreeS/WAN or super-freeswan to upgrade to the updated packages which are patched to correct these flaws. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0590 http://lists.openswan.org/pipermail/dev/2004-June/000369.html http://www.openswan.org/support/vuln/can-2004-0590/ ______________________________________________________________________ Updated Packages: Mandrakelinux 10.0: 6c597ac14ac13e281d2f685e01cfb120 10.0/RPMS/freeswan-2.04-3.1.100mdk.i586.rpm 72975d40cd986612150eca445d123c69 10.0/RPMS/super-freeswan-1.99.8-8.1.100mdk.i586.rpm d26a97f445182fd6d37da1f0cb8b3a4a 10.0/RPMS/super-freeswan-doc-1.99.8-8.1.100mdk.i586.rpm 6428713ada795017334807aae1b8b9e1 10.0/SRPMS/freeswan-2.04-3.1.100mdk.src.rpm 0a8ea26452bf9275aca1f1b95c9997cc 10.0/SRPMS/super-freeswan-1.99.8-8.1.100mdk.src.rpm Mandrakelinux 10.0/AMD64: 3ae552614dc10d672956e82cc062ef40 amd64/10.0/RPMS/freeswan-2.04-3.1.100mdk.amd64.rpm 46d4b962019ca063a938057a817a015b amd64/10.0/RPMS/super-freeswan-1.99.8-8.1.100mdk.amd64.rpm 143b47584e409e517f2462a2311b37d8 amd64/10.0/RPMS/super-freeswan-doc-1.99.8-8.1.100mdk.amd64.rpm 6428713ada795017334807aae1b8b9e1 amd64/10.0/SRPMS/freeswan-2.04-3.1.100mdk.src.rpm 0a8ea26452bf9275aca1f1b95c9997cc amd64/10.0/SRPMS/super-freeswan-1.99.8-8.1.100mdk.src.rpm Corporate Server 2.1: 5b7577b574dcbb4244f08546aa45f372 corporate/2.1/RPMS/freeswan-1.98b-3.1.C21mdk.i586.rpm 9b95691493ac84ad3ddce6f10f24ea0f corporate/2.1/SRPMS/freeswan-1.98b-3.1.C21mdk.src.rpm Corporate Server 2.1/x86_64: 3dfdb78ce29582b6734f61c2c0973936 x86_64/corporate/2.1/RPMS/freeswan-1.98b-3.1.C21mdk.x86_64.rpm 9b95691493ac84ad3ddce6f10f24ea0f x86_64/corporate/2.1/SRPMS/freeswan-1.98b-3.1.C21mdk.src.rpm Mandrakelinux 9.1: 1093013e9c096abc37376c121c61c129 9.1/RPMS/freeswan-1.99-3.1.91mdk.i586.rpm c186b6edc304f4c8543ff7acb93fbca4 9.1/SRPMS/freeswan-1.99-3.1.91mdk.src.rpm Mandrakelinux 9.2: 193ed47d74da8b50811e2103fffef056 9.2/RPMS/freeswan-2.01-2.1.92mdk.i586.rpm 5a5c99eedc7a9df65b8d4e3d02501cfe 9.2/SRPMS/freeswan-2.01-2.1.92mdk.src.rpm Mandrakelinux 9.2/AMD64: 45a782c82322e0f7c4377118475d5036 amd64/9.2/RPMS/freeswan-2.01-2.1.92mdk.amd64.rpm 5a5c99eedc7a9df65b8d4e3d02501cfe amd64/9.2/SRPMS/freeswan-2.01-2.1.92mdk.src.rpm Multi Network Firewall 8.2: 023520bddf59be203bda9eba76d29033 mnf8.2/RPMS/freeswan-1.98b-2.2.M82mdk.i586.rpm d0d04c3d0a1842ab7cbfc8eae726113a mnf8.2/SRPMS/freeswan-1.98b-2.2.M82mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandrakelinux at: http://www.mandrakesoft.com/security/advisories If you want to report vulnerabilities, please contact security_linux-mandrake.com Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFA9cS/mqjQ0CJFipgRApMAAKDTFEvuwmlYgHcwGBCb2AsazXrRAwCg5Tml DNG+KRqfTIFQ58WCOkXN4UY= =SJt1 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html