[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SUSE Security Announcement: kernel (SUSE-SA:2004:020)
On Fri, 2 Jul 2004, Roman Drahtmueller wrote:
> 2) Pending vulnerabilities in SUSE Distributions and Workarounds:
> - freeswan
> A bug in the certificate chain authentication code could allow an
> attacker to authenticate any host against a FreeS/WAN server by
> presenting specially crafted certificates wrapped in a PKCS#7 file.
> The packages are currently being tested and will be available soon.
This sounds scary; but does this apply only to installations that use x509
certificates, i.e. if there are conns with left/rightrsasigkey=%cert?
Or is it enought to have the x509 stuff compiled in, even if it isn't
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here