Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 538
Alerts This Week
Warning Icon 1 538

Red Hat 3: RHSA-2004:308-01 Critical: ipsec-tools Authentication Bug

red hat
Calendar Grey July 30, 2004
Dist Redhat Esm H88
Update for ipsec-tools resolves critical authentication issue with X.509 certificates in Red Hat's latest advisory.
When configured to use X.509 certificates to authenticate remote hosts, psec-tools versions 0.3.3 and earlier will attempt to verify that host certificate, but will not abort the k...

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/


5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

126568 - racoon authentication bug

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:

0700489b312339d14a6222e7eebf203e ipsec-tools-0.2.5-0.5.src.rpm

i386: 4c0dc4fbfc6f68e907c3a06c3fd625ed ipsec-tools-0.2.5-0.5.i386.rpm

ia64: ca2cc5029aa0d5738c3cef27b1a8225d ipsec-tools-0.2.5-0.5.ia64.rpm

ppc: 46229bd51220c21b29814de8eb673948 ipsec-tools-0.2.5-0.5.ppc.rpm

ppc64: 8b2a1a54d6bbcdba02ffe2ea7cd23d9c ipsec-tools-0.2.5-0.5.ppc64.rpm

s390: b842137119a55d5ee91ab383c9c9a566 ipsec-tools-0.2.5-0.5.s390.rpm

s390x: 6d3d63090574e34732bbb3d78cfaf08e ipsec-tools-0.2.5-0.5.s390x.rpm

x86_64: 2657c5d3085d3410f54987ccc58b06ee ipsec-tools-0.2.5-0.5.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:

0700489b312339d14a6222e7eebf203e ipsec-tools-0.2.5-0.5.src.rpm

i386: 4c0dc4fbfc6f68e907c3a06c3fd625ed ipsec-tools-0.2.5-0.5.i386.rpm

x86_64: 2657c5d3085d3410f54987ccc58b06ee ipsec-tools-0.2.5-0.5.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:

0700489b312339d14a6222e7eebf203e ipsec-tools-0.2.5-0.5.src.rpm

i386: 4c0dc4fbfc6f68e907c3a06c3fd625ed ipsec-tools-0.2.5-0.5.i386.rpm

ia64: ca2cc5029aa0d5738c3cef27b1a8225d ipsec-tools-0.2.5-0.5.ia64.rpm

x86_64: 2657c5d3085d3410f54987ccc58b06ee ipsec-tools-0.2.5-0.5.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:

0700489b312339d14a6222e7eebf203e ipsec-tools-0.2.5-0.5.src.rpm

i386: 4c0dc4fbfc6f68e907c3a06c3fd625ed ipsec-tools-0.2.5-0.5.i386.rpm

ia64: ca2cc5029aa0d5738c3cef27b1a8225d ipsec-tools-0.2.5-0.5.ia64.rpm

x86_64: 2657c5d3085d3410f54987ccc58b06ee ipsec-tools-0.2.5-0.5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from


Summary

References

http://marc.theaimsgroup.com/?l=bugtraq&m=108726102304507 CVE -CVE-2004-0607

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2004:308-01
Issue date: 2004-07-29
Updated on: 2004-07-29
Product: Red Hat Enterprise Linux
Keywords: IKE racoon X.509
Obsoletes: RHSA-2004:165

Topic

An updated ipsec-tools package that fixes verification of X.509certificates in racoon is now available.

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64

Red Hat Desktop version 3 - i386, x86_64

Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.