[Openswan Users] openswan-2.6.40 still vulnerable to CVE-2013-6466
Patrick Naubert
patrickn at xelerance.com
Fri Feb 21 12:48:25 EST 2014
> Date: Wed, 19 Feb 2014 10:07:10 +0200
> From: Tuomo Soini <tis at foobar.fi>
> To: users at lists.openswan.org
> Subject: [Openswan Users] openswan-2.6.40 still vulnerable to
> CVE-2013-6466
>
> On February 14, openswan-2.6.40 was released, but unfortunately it
> DOES NOT fix CVE-2013-6466. A new CVE has been requested for the
> openswan-2.6.40 crasher, see:
>
> http://www.openwall.com/lists/oss-security/2014/02/18/1
Xelerance will be issuing an Openswan version to address this continued CVE, in the next day.
Patrick Naubert
Xelerance Corp.
More information about the Users
mailing list