Synopsis:          Moderate: openswan security update
Advisory ID:       SLSA-2014:0185-1
Issue Date:        2014-02-18
CVE Numbers:       CVE-2013-6466
--

A NULL pointer dereference flaw was discovered in the way Openswan's IKE
daemon processed IKEv2 payloads. A remote attacker could send specially
crafted IKEv2 payloads that, when processed, would lead to a denial of
service (daemon crash), possibly causing existing VPN connections to be
dropped. (CVE-2013-6466)
--

SL5
  x86_64
    openswan-2.6.32-7.3.el5_10.x86_64.rpm
    openswan-debuginfo-2.6.32-7.3.el5_10.x86_64.rpm
    openswan-doc-2.6.32-7.3.el5_10.x86_64.rpm
  i386
    openswan-2.6.32-7.3.el5_10.i386.rpm
    openswan-debuginfo-2.6.32-7.3.el5_10.i386.rpm
    openswan-doc-2.6.32-7.3.el5_10.i386.rpm
SL6
  x86_64
    openswan-2.6.32-27.2.el6_5.x86_64.rpm
    openswan-debuginfo-2.6.32-27.2.el6_5.x86_64.rpm
    openswan-doc-2.6.32-27.2.el6_5.x86_64.rpm
  i386
    openswan-2.6.32-27.2.el6_5.i686.rpm
    openswan-debuginfo-2.6.32-27.2.el6_5.i686.rpm
    openswan-doc-2.6.32-27.2.el6_5.i686.rpm

- Scientific Linux Development Team