NEWS: Add info about CVE-2015-3991

author Tobias Brunner <tobias@strongswan.org>

Thu, 21 May 2015 15:17:51 +0000 (17:17 +0200)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Mon, 1 Jun 2015 07:42:11 +0000 (09:42 +0200)
author Tobias Brunner <tobias@strongswan.org>
Thu, 21 May 2015 15:17:51 +0000 (17:17 +0200)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Mon, 1 Jun 2015 07:42:11 +0000 (09:42 +0200)
diff --git a/NEWS b/NEWS

index c5f5234b556862d7ee2797acae81e0fe701be9ad..b2e8cb2e67bedca90c6b0898e24a6fe01eba71a1 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,13 @@
  strongswan-5.3.1
  ----------------
  
+- Fixed a denial-of-service and potential remote code execution vulnerability
+  triggered by IKEv1/IKEv2 messages that contain payloads for the respective
+  other IKE version. Such payload are treated specially since 5.2.2 but because
+  they were still identified by their original payload type they were used as
+  such in some places causing invalid function pointer dereferences.
+  The vulnerability has been registered as CVE-2015-3991.
+
  - The new aesni plugin provides CBC, CTR, XCBC, CMAC, CCM and GCM crypto
    primitives for AES-128/192/256. The plugin requires AES-NI and PCLMULQDQ
    instructions and works on both x86 and x64 architectures. It provides
author	Tobias Brunner <tobias@strongswan.org>
	Thu, 21 May 2015 15:17:51 +0000 (17:17 +0200)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Mon, 1 Jun 2015 07:42:11 +0000 (09:42 +0200)