From: Gilles E. <ges...@us...> - 2009-04-02 20:39:06
|
Update of /cvsroot/ipcop/ipcop/src/patches In directory 23jxhf1.ch3.sourceforge.com:/tmp/cvs-serv16390/src/patches Added Files: Tag: IPCOP_v1_4_0 openswan-1.0.10_demux.patch Log Message: Add fix for CVE-2009-0790 --- NEW FILE: openswan-1.0.10_demux.patch --- patch for CVE-2009-0790 remade from http://www.openswan.org/CVE-2009-0790 base --- openswan-1.0.10/pluto/demux.c.old 2003-11-26 16:43:49.000000000 +0100 +++ openswan-1.0.10/pluto/demux.c 2009-03-31 07:05:52.000000000 +0200 @@ -967,9 +967,17 @@ switch (n->isan_type) { case R_U_THERE: + if(md->st==NULL) { + loglog(RC_LOG_SERIOUS, "received bogus R_U_THERE informational message"); + return STF_IGNORE; + } return dpd_inI_outR(md->st, n, n_pbs); case R_U_THERE_ACK: + if(md->st==NULL) { + loglog(RC_LOG_SERIOUS, "received bogus R_U_THERE informational message"); + return STF_IGNORE; + } return dpd_inR(md->st, n, n_pbs); default: |