Freeswan/Im Update for Debian
Posted on: 12/04/2002 11:17 AM
Two new security updates for Debian GNU/Linux has been released:DSA-201-1 freeswan -- denial of service
Bindview discovered a problem in several IPSEC implementations that do not properly handle certain very short packets. IPSEC is a set of security extensions to IP which provide authentication and encryption. Free/SWan in Debian is affected by this and is said to cause a kernel panic.Read moreDSA-202-1 im -- insecure temporary files
This problem has been fixed in version 1.96-1.4 for the current stable distribution (woody) and in version 1.99-1 for the unstable distribution (sid). The old stable distribution (potato) does not contain Free/SWan packages.
Tatsuya Kinoshita discovered that IM, which contains interface commands and Perl libraries for E-mail and NetNews, creates temporary files insecurely.Read more
These problems have been fixed in version 141-18.1 for the current stable distribution (woody), in version 133-2.2 of the old stable distribution (potato) and in version 141-20 for the unstable distribution (sid).