Added security info on CVE-2013-6075 and CVE-2013-6076

author Andreas Steffen <andreas.steffen@strongswan.org>

Thu, 31 Oct 2013 21:11:11 +0000 (22:11 +0100)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Thu, 31 Oct 2013 21:11:11 +0000 (22:11 +0100)
author Andreas Steffen <andreas.steffen@strongswan.org>
Thu, 31 Oct 2013 21:11:11 +0000 (22:11 +0100)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Thu, 31 Oct 2013 21:11:11 +0000 (22:11 +0100)
diff --git a/NEWS b/NEWS

index 815d8cd0cd970b1d1757a068d5fcc5ce9aa050ca..35edec9b4f13f76396623a771a8a2bda20d396cb 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,15 @@
  strongswan-5.1.1
  ----------------
  
+- Fixed a denial-of-service vulnerability and potential authorization bypass
+  triggered by a crafted ID_DER_ASN1_DN ID payload. The cause is an insufficient
+  length check when comparing such identities. The vulnerability has been
+  registered as CVE-2013-6075.
+
+- Fixed a denial-of-service vulnerability triggered by a crafted IKEv1
+  fragmentation payload. The cause is a NULL pointer dereference. The
+  vulnerability has been registered as CVE-2013-6076.
+
  - The lean stand-alone pt-tls-client can set up a RFC 6876 PT-TLS session
    with a strongSwan policy enforcement point which uses the tnc-pdp charon
    plugin.
author	Andreas Steffen <andreas.steffen@strongswan.org>
	Thu, 31 Oct 2013 21:11:11 +0000 (22:11 +0100)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Thu, 31 Oct 2013 21:11:11 +0000 (22:11 +0100)