[Openswan Users] Openswan 2.6.45 released
Simon Deziel
simon at xelerance.com
Thu Aug 27 12:52:21 EDT 2015
Xelerance has released Openswan 2.6.45
This release addresses CVE-2015-3240 (IKE DoS when using NSS).
The vulnerability was found by The Libreswan Team. For more information:
https://libreswan.org/security/CVE-2015-3240/CVE-2015-3240.txt
You can download Openswan at:
https://download.openswan.org/openswan/openswan-2.6.45.tar.gz
https://download.openswan.org/openswan/openswan-2.6.45.tar.gz.asc
Please report bugs either via one of the mailing lists or at our bug
tracker:
https://lists.openswan.org/
https://github.com/xelerance/Openswan/issues
See also https://www.openswan.org/
v2.6.45 (August 27, 2015)
This release fixes CVE-2015-3240 (IKE DoS)
* Minor compile tweaks that were missed at cottage [MCR]
* Possible fix for CVE-2015-3240: if KE payload is 0, then
exponentiation fails, tripping a passert for nss [MCR]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 966 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openswan.org/pipermail/users/attachments/20150827/cb350468/attachment.sig>
More information about the Users
mailing list