Your message dated Fri, 16 Jun 2023 19:47:23 +0000
with message-id <e1qafpn-003fkh...@fasolo.debian.org>
and subject line Bug#1035542: fixed in libreswan 4.3-1+deb11u4
has caused the Debian Bug report #1035542,
regarding libreswan: CVE-2023-30570: Incorrect aggressive mode interaction
causes the pluto daemon to crash
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1035542: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035542
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: libreswan
Version: 4.10-2
Severity: important
Tags: security upstream
Forwarded: https://github.com/libreswan/libreswan/issues/1039
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi,
The following vulnerability was published for libreswan.
CVE-2023-30570[0]:
| Incorrect aggressive mode interaction causes the pluto daemon to
| crash
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-30570
https://www.cve.org/CVERecord?id=CVE-2023-30570
[1] https://github.com/libreswan/libreswan/issues/1039
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libreswan
Source-Version: 4.3-1+deb11u4
Done: Daniel Kahn Gillmor <d...@fifthhorseman.net>
We believe that the bug you reported is fixed in the latest version of
libreswan, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1035...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Kahn Gillmor <d...@fifthhorseman.net> (supplier of updated libreswan
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 01 Jun 2023 16:14:59 -0400
Source: libreswan
Architecture: source
Version: 4.3-1+deb11u4
Distribution: bullseye
Urgency: medium
Maintainer: Daniel Kahn Gillmor <d...@fifthhorseman.net>
Changed-By: Daniel Kahn Gillmor <d...@fifthhorseman.net>
Closes: 1035542
Changes:
libreswan (4.3-1+deb11u4) bullseye; urgency=medium
.
* Resolve CVE-2023-30570 (Closes: #1035542)
Checksums-Sha1:
e26eaec2ae5daf13378bda01cc90d5850685cb50 2069 libreswan_4.3-1+deb11u4.dsc
c6041326f03891b659e182029bf2c8d92ce08de1 15944
libreswan_4.3-1+deb11u4.debian.tar.xz
24fd9237b4e5f4aa2613a5fa2ffd6ebc43efbca6 10659
libreswan_4.3-1+deb11u4_source.buildinfo
Checksums-Sha256:
8e7184198f21c5f3d026828baa362704dd765f6009199e069e328c6399af7dbf 2069
libreswan_4.3-1+deb11u4.dsc
8e3e6b40999a1937d1d21de8bf72a8de8a9782e2b7904df0079c7e2a28c3e764 15944
libreswan_4.3-1+deb11u4.debian.tar.xz
06a7db6125203f6b81dc6698e1d94ec04df3dd4691b3d11300695087785321ae 10659
libreswan_4.3-1+deb11u4_source.buildinfo
Files:
5cbf9044c976299e7e97532b126ff7b3 2069 net optional libreswan_4.3-1+deb11u4.dsc
4aa9c5a051da6648dd8af4b95ad5fa59 15944 net optional
libreswan_4.3-1+deb11u4.debian.tar.xz
7893ae7cf2e73eb06a64745fbf746233 10659 net optional
libreswan_4.3-1+deb11u4_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYIAB0WIQQttUkcnfDcj0MoY88+nXFzcd5WXAUCZHpJIQAKCRA+nXFzcd5W
XMXWAP4yM52/rwoTBoJKIqF3AQDSHcbEeYM1SZYQY8ZDROR48gD+MOO37yB1g9Cg
ML7UlNVanqldDGHJrV23GWuRc2BgmwU=
=sMW5
-----END PGP SIGNATURE-----
--- End Message ---
