A NULL pointer dereference flaw was found in IPsecTools. A remote attacker could use this flaw to crash the IKE daemon via specially crafted UDP packets if the HAVE_GSSAPI configuration option is set. CVE request: http://seclists.org/oss-sec/2015/q2/503 Proposed patch: http://seclists.org/fulldisclosure/2015/May/83 External References: https://www.altsci.com/ipsec/ipsec-tools-sa.html
Created ipsec-tools tracking bugs for this issue: Affects: fedora-all [bug 1223420] Affects: epel-7 [bug 1223421]
Statement: Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/
note this resolving is a little odd. Because ipsec-tools in in fedora DOES have this issue fixed, and so will EPEL6
ipsec-tools-0.8.2-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
ipsec-tools-0.8.2-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.