ipsec-tools: /etc/init.d/setkey restart is broken

Bug #13271 reported by Debian Bug Importer on 2005-02-25
4
Affects Status Importance Assigned to Milestone
ipsec-tools (Debian)
Fix Released
Unknown
ipsec-tools (Ubuntu)
High
Unassigned

Bug Description

Automatically imported from Debian bug report #296912 http://bugs.debian.org/296912

Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #296912 http://bugs.debian.org/296912

Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Fri, 25 Feb 2005 18:50:06 +0200
From: Tuomas Jormola <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: ipsec-tools: /etc/init.d/setkey restart is broken

Package: ipsec-tools
Version: 1:0.5-3
Severity: grave
Justification: user security hole

In restart target of the setkey init script setkey is run with the
following command:

$SETKEY -f $SETKEY_CONF:

This fails of course since it appends ':' to the configuration file
name. Potential security hole introduced if the init script is used to
apply new secure configuration over previous insecure one but this fails
due to the typo in the script.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10
Locale: LANG=C, LC_CTYPE=fi_FI@euro (charmap=ISO-8859-15)

Versions of packages ipsec-tools depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libreadline5 5.0-10 GNU readline and history libraries

-- no debconf information

Matt Zimmerman (mdz) wrote :

applies only to a later version than in Hoary

Source: ipsec-tools
Source-Version: 1:0.5-4

We believe that the bug you reported is fixed in the latest version of
ipsec-tools, which is due to be installed in the Debian FTP archive:

ipsec-tools_0.5-4.diff.gz
  to pool/main/i/ipsec-tools/ipsec-tools_0.5-4.diff.gz
ipsec-tools_0.5-4.dsc
  to pool/main/i/ipsec-tools/ipsec-tools_0.5-4.dsc
ipsec-tools_0.5-4_i386.deb
  to pool/main/i/ipsec-tools/ipsec-tools_0.5-4_i386.deb
racoon_0.5-4_i386.deb
  to pool/main/i/ipsec-tools/racoon_0.5-4_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ganesan Rajagopal <email address hidden> (supplier of updated ipsec-tools package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 26 Feb 2005 11:39:19 +0530
Source: ipsec-tools
Binary: racoon ipsec-tools
Architecture: source i386
Version: 1:0.5-4
Distribution: unstable
Urgency: low
Maintainer: Ganesan Rajagopal <email address hidden>
Changed-By: Ganesan Rajagopal <email address hidden>
Description:
 ipsec-tools - IPsec tools for Linux
 racoon - IPsec IKE keying daemon
Closes: 296912
Changes:
 ipsec-tools (1:0.5-4) unstable; urgency=low
 .
   * Fix typo in ipsec-tools.setkey.init (closes: #296912).
Files:
 98648f2c3724a34c1a033ef7759a59c7 642 net extra ipsec-tools_0.5-4.dsc
 65845e45e63610da4f11d219d5f4982c 41398 net extra ipsec-tools_0.5-4.diff.gz
 fdcebf861aa66fc63be0b09a55354c05 77994 net extra ipsec-tools_0.5-4_i386.deb
 98978e9fa22aca89ecde5078bf5b8060 287594 net extra racoon_0.5-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCIBc8FeACul2MEuoRAhYTAKCrlb3a519lrTKX/B6Y+FOiXrbyEACfdg3G
091x6+1ds1BBOaLdlUHXD3U=
=I/9p
-----END PGP SIGNATURE-----

Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Sat, 26 Feb 2005 01:47:07 -0500
From: Ganesan Rajagopal <email address hidden>
To: <email address hidden>
Subject: Bug#296912: fixed in ipsec-tools 1:0.5-4

Source: ipsec-tools
Source-Version: 1:0.5-4

We believe that the bug you reported is fixed in the latest version of
ipsec-tools, which is due to be installed in the Debian FTP archive:

ipsec-tools_0.5-4.diff.gz
  to pool/main/i/ipsec-tools/ipsec-tools_0.5-4.diff.gz
ipsec-tools_0.5-4.dsc
  to pool/main/i/ipsec-tools/ipsec-tools_0.5-4.dsc
ipsec-tools_0.5-4_i386.deb
  to pool/main/i/ipsec-tools/ipsec-tools_0.5-4_i386.deb
racoon_0.5-4_i386.deb
  to pool/main/i/ipsec-tools/racoon_0.5-4_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ganesan Rajagopal <email address hidden> (supplier of updated ipsec-tools package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 26 Feb 2005 11:39:19 +0530
Source: ipsec-tools
Binary: racoon ipsec-tools
Architecture: source i386
Version: 1:0.5-4
Distribution: unstable
Urgency: low
Maintainer: Ganesan Rajagopal <email address hidden>
Changed-By: Ganesan Rajagopal <email address hidden>
Description:
 ipsec-tools - IPsec tools for Linux
 racoon - IPsec IKE keying daemon
Closes: 296912
Changes:
 ipsec-tools (1:0.5-4) unstable; urgency=low
 .
   * Fix typo in ipsec-tools.setkey.init (closes: #296912).
Files:
 98648f2c3724a34c1a033ef7759a59c7 642 net extra ipsec-tools_0.5-4.dsc
 65845e45e63610da4f11d219d5f4982c 41398 net extra ipsec-tools_0.5-4.diff.gz
 fdcebf861aa66fc63be0b09a55354c05 77994 net extra ipsec-tools_0.5-4_i386.deb
 98978e9fa22aca89ecde5078bf5b8060 287594 net extra racoon_0.5-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFCIBc8FeACul2MEuoRAhYTAKCrlb3a519lrTKX/B6Y+FOiXrbyEACfdg3G
091x6+1ds1BBOaLdlUHXD3U=
=I/9p
-----END PGP SIGNATURE-----

Changed in ipsec-tools:
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.