rpms/openswan/F-10 openswan-2.6-initscript-correction.patch, NONE, 1.1 openswan-2.6.22-CVE-2009-2185.patch, NONE, 1.1 openswan-2.6.22-selinux.patch, NONE, 1.1 .cvsignore, 1.26, 1.27 openswan.spec, 1.73, 1.74 sources, 1.25, 1.26 openswan-2.6-noxmlto.patch, 1.1, NONE openswan-2.6-selinux.patch, 1.1, NONE openswan-2.6.16-initscript-correction.patch, 1.1, NONE openswan-2.6.21-CVE-2009-2185.patch, 1.1, NONE

Thu Sep 10 17:01:38 UTC 2009

Author: avesh

Update of /cvs/pkgs/rpms/openswan/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv16702

Modified Files:
	.cvsignore openswan.spec sources 
Added Files:
	openswan-2.6-initscript-correction.patch 
	openswan-2.6.22-CVE-2009-2185.patch 
	openswan-2.6.22-selinux.patch 
Removed Files:
	openswan-2.6-noxmlto.patch openswan-2.6-selinux.patch 
	openswan-2.6.16-initscript-correction.patch 
	openswan-2.6.21-CVE-2009-2185.patch 
Log Message:
* Thu Sep 10 2009 Avesh Agarwal <avagarwa at redhat.com> - 2.6.22-1
- New upstream release
- Openswan ASN.1 parser vulnerability (CVE-2009-2185)


openswan-2.6-initscript-correction.patch:
 setup.in |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- NEW FILE openswan-2.6-initscript-correction.patch ---
--- openswan-2.6.22-orig/programs/setup/setup.in	2009-06-22 22:53:08.000000000 -0400
+++ openswan-2.6.22/programs/setup/setup.in	2009-09-10 11:48:23.395338383 -0400
@@ -39,7 +39,7 @@
 # times of NFS filesystem startup/shutdown).  Startup is after startup of
 # syslog and pcmcia support; shutdown is just before shutdown of syslog.
 #
-# chkconfig: 2345 47 76
+# chkconfig: - 47 76
 # description: IPsec provides encrypted and authenticated communications; \
 # KLIPS is the kernel half of it, Pluto is the user-level management daemon.
 

openswan-2.6.22-CVE-2009-2185.patch:
 asn1.c |   12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

--- NEW FILE openswan-2.6.22-CVE-2009-2185.patch ---
--- openswan-2.6.22/lib/libopenswan/asn1.c	2009-06-22 22:53:08.000000000 -0400
+++ openswan-2/lib/libopenswan/asn1.c	2009-08-17 14:07:00.153981683 -0400
@@ -76,8 +76,15 @@ asn1_length(chunk_t *blob)
     n = *blob->ptr++;
     blob->len--;
 
-    if ((n & 0x80) == 0) /* single length octet */
+    if ((n & 0x80) == 0) { /* single length octet */
+	if (n > blob->len) {
+	    DBG(DBG_PARSING,
+		DBG_log("number of length octets is larger than ASN.1 object")
+	    )
+	    return ASN1_INVALID_LENGTH;
+	}
 	return n;
+    }
 
     /* composite length, determine number of length octets */
     n &= 0x7f;
@@ -243,7 +250,6 @@ asn1totime(const chunk_t *utctime, asn1_
     {
 	int tz_hour, tz_min;
 
-	sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min);
 	if (sscanf(eot+1, "%2d%2d", &tz_hour, &tz_min) != 2)
 	{
 	    return 0; /* error in positive timezone offset format */
@@ -411,7 +417,7 @@ extract_object(asn1Object_t const *objec
 
     blob1->len = asn1_length(blob);
 
-    if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len)
+    if (blob1->len == ASN1_INVALID_LENGTH)
     {
 	DBG(DBG_PARSING,
 	    DBG_log("L%d - %s:  length of ASN1 object invalid or too large",

openswan-2.6.22-selinux.patch:
 verify.in |   12 ------------
 1 file changed, 12 deletions(-)

--- NEW FILE openswan-2.6.22-selinux.patch ---
--- openswan-2.6.22-orig/programs/verify/verify.in	2009-06-23 04:53:08.000000000 +0200
+++ openswan-2.6.22/programs/verify/verify.in	2009-07-09 23:50:15.000000000 +0200
@@ -262,18 +262,6 @@ sub installstartcheck {
 	   } else { warnchk "","UNKNOWN"; }
 	}
 
-        if ( -e "/selinux/enforce") {
-        printfun "Testing against enforced SElinux mode";
-        open("cat", "/selinux/enforce");
-        if(<cat> == "1")
-            {
-                errchk "";
-                print "\n  SElinux is running in 'enforced' mode. Since no working SElinux\n  policies exist for Openswan, SElinux should be disabled.\n";
-		print "\n  echo \"0\" > /selinux/enforce (or edit /etc/sysconfig/selinux)\n\n";
-            }
-        else { errchk "1"; }
-        }
-
         if ( -c "/dev/hw_random" || -c "/dev/hwrng" ) {
         printfun "Hardware RNG detected, testing if used properly";
         run "pidof rngd";


Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/openswan/F-10/.cvsignore,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -p -r1.26 -r1.27
--- .cvsignore	30 Mar 2009 16:28:43 -0000	1.26
+++ .cvsignore	10 Sep 2009 17:01:36 -0000	1.27
@@ -10,3 +10,4 @@ openswan-2.6.16.tar.gz
 openswan-2.6.18.tar.gz
 openswan-2.6.19.tar.gz
 openswan-2.6.21.tar.gz
+openswan-2.6.22.tar.gz


Index: openswan.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openswan/F-10/openswan.spec,v
retrieving revision 1.73
retrieving revision 1.74
diff -u -p -r1.73 -r1.74
--- openswan.spec	6 Jul 2009 15:14:57 -0000	1.73
+++ openswan.spec	10 Sep 2009 17:01:37 -0000	1.74
@@ -1,8 +1,8 @@
 Summary: Openswan IPSEC implementation
 Name: openswan
-Version: 2.6.21
+Version: 2.6.22
 
-Release: 2%{?dist}
+Release: 1%{?dist}
 License: GPLv2+
 Url: http://www.openswan.org/
 Source: openswan-%{version}.tar.gz
@@ -11,9 +11,9 @@ Source2: ipsec.conf
 
 Patch1: openswan-2.6.16-examples.patch
 Patch2: openswan-2.6-relpath.patch
-Patch3: openswan-2.6-selinux.patch
-Patch4: openswan-2.6.16-initscript-correction.patch
-Patch5: openswan-2.6.21-CVE-2009-2185.patch
+Patch3: openswan-2.6.22-selinux.patch
+Patch4: openswan-2.6-initscript-correction.patch
+Patch5: openswan-2.6.22-CVE-2009-2185.patch
 
 Group: System Environment/Daemons
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -151,6 +151,10 @@ fi
 chkconfig --add ipsec || :
 
 %changelog
+* Thu Sep 10 2009 Avesh Agarwal <avagarwa at redhat.com> - 2.6.22-1
+- New upstream release
+- Openswan ASN.1 parser vulnerability (CVE-2009-2185)
+
 * Mon Jul 06 2009 Avesh Agarwal <avagarwa at redhat.com> - 2.6.21-2
 - Openswan ASN.1 parser vulnerability (CVE-2009-2185)
 


Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/openswan/F-10/sources,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -p -r1.25 -r1.26
--- sources	30 Mar 2009 16:28:43 -0000	1.25
+++ sources	10 Sep 2009 17:01:37 -0000	1.26
@@ -1 +1 @@
-ba9da6c90e0f5fe856767d7510ce371f  openswan-2.6.21.tar.gz
+9a30009bade8a1b09fba27680c87cf72  openswan-2.6.22.tar.gz


--- openswan-2.6-noxmlto.patch DELETED ---


--- openswan-2.6-selinux.patch DELETED ---


--- openswan-2.6.16-initscript-correction.patch DELETED ---


--- openswan-2.6.21-CVE-2009-2185.patch DELETED ---


