Attachment #184526 for bug #220874

View | Details | Raw Unified | Return to bug 220874 | Differences between
Collapse All | Expand All




  </vuln>

  <vuln vid="e6ccaf8a-6c63-11e7-9b01-2047478f2f70">
    <topic>strongswan -- multiple vulnerabilities</topic>
    <affects>
      <package>
        <name>strongswan</name>
        <range><ge>4.4.0</ge><le>5.5.2</le></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
        <p>strongSwan security team reports:</p>
        <blockquote cite="https://www.strongswan.org/blog/2017/05/30/strongswan-5.5.3-released.html">
          <ul>
            <li>RSA public keys passed to the gmp plugin aren't validated sufficiently
              before attempting signature verification, so that invalid input might
              lead to a floating point exception. [CVE-2017-9022]</li>
            <li>ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when
              parsing X.509 certificates with extensions that use such types. This
              could lead to infinite looping of the thread parsing a specifically crafted certificate.</li>
          </ul>
        </blockquote>
      </body>
    </description>
    <references>
      <url>https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html</url>
      <cvename>CVE-2017-9022</cvename>
    </references>
    <dates>
      <discovery>2017-05-30</discovery>
      <entry>2017-07-19</entry>
    </dates>
  </vuln>

  <vuln vid="c7e8e955-6c61-11e7-9b01-2047478f2f70">
    <topic>strongswan -- Denial-of-service vulnerability in the x509 plugin</topic>
    <affects>
      <package>
	<name>strongswan</name>
	<range><le>5.5.3</le></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>strongSwan security team reports:</p>
	<blockquote cite="https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html">
	  <p>ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when
	     parsing X.509 certificates with extensions that use such types. This
	     could lead to infinite looping of the thread parsing a specifically crafted certificate.</p>
	</blockquote>
      </body>
    </description>
    <references>
      <url>https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html</url>
      <cvename>CVE-2017-9023</cvename>
    </references>

Return to bug 220874

Lines 195-246 Notes: Link Here

(-)security/vuxml/vuln.xml (-35 / +14 lines)
195	</vuln>	195	</vuln>
196		196
197	<vuln vid="e6ccaf8a-6c63-11e7-9b01-2047478f2f70">	197	<vuln vid="e6ccaf8a-6c63-11e7-9b01-2047478f2f70">
198	<topic>strongswan -- Insufficient Input Validation in gmp Plugin</topic>	198	<topic>strongswan -- multiple vulnerabilities</topic>
199	<affects>	199	<affects>
200	<package>	200	<package>
201	<name>strongswan</name>	201	<name>strongswan</name>
202	<range><ge>4.4.0</ge><le>5.5.2</le></range>	202	<range><ge>4.4.0</ge><le>5.5.2</le></range>
203	</package>	203	</package>
204	</affects>	204	</affects>
205	<description>	205	<description>
206	<body xmlns="http://www.w3.org/1999/xhtml">	206	<body xmlns="http://www.w3.org/1999/xhtml">
207	<p>strongSwan security team reports:</p>	207	<p>strongSwan security team reports:</p>
208	<blockquote cite="https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html">	208	<blockquote cite="https://www.strongswan.org/blog/2017/05/30/strongswan-5.5.3-released.html">
209	<p>RSA public keys passed to the gmp plugin aren't validated sufficiently	209	<ul>
210	before attempting signature verification, so that invalid input might	210	<li>RSA public keys passed to the gmp plugin aren't validated sufficiently
211	lead to a floating point exception.</p>	211	before attempting signature verification, so that invalid input might
212	</blockquote>	212	lead to a floating point exception. [CVE-2017-9022]</li>
		213	<li>ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when
		214	parsing X.509 certificates with extensions that use such types. This
		215	could lead to infinite looping of the thread parsing a specifically crafted certificate.</li>
		216	</ul>
		217	</blockquote>
213	</body>	218	</body>
214	</description>	219	</description>
215	<references>	220	<references>
216	<url>https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html</url>	221	<url>https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html</url>
217	<cvename>CVE-2017-9022</cvename>	222	<cvename>CVE-2017-9022</cvename>
218	</references>
219	<dates>
220	<discovery>2017-05-30</discovery>
221	<entry>2017-07-19</entry>
222	</dates>
223	</vuln>
224
225	<vuln vid="c7e8e955-6c61-11e7-9b01-2047478f2f70">
226	<topic>strongswan -- Denial-of-service vulnerability in the x509 plugin</topic>
227	<affects>
228	<package>
229	<name>strongswan</name>
230	<range><le>5.5.3</le></range>
231	</package>
232	</affects>
233	<description>
234	<body xmlns="http://www.w3.org/1999/xhtml">
235	<p>strongSwan security team reports:</p>
236	<blockquote cite="https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html">
237	<p>ASN.1 CHOICE types are not correctly handled by the ASN.1 parser when
238	parsing X.509 certificates with extensions that use such types. This
239	could lead to infinite looping of the thread parsing a specifically crafted certificate.</p>
240	</blockquote>
241	</body>
242	</description>
243	<references>
244	<url>https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html</url>	223	<url>https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html</url>
245	<cvename>CVE-2017-9023</cvename>	224	<cvename>CVE-2017-9023</cvename>
246	</references>	225	</references>