Message-ID: <email address hidden>
Date: Fri, 25 Feb 2005 18:50:06 +0200
From: Tuomas Jormola <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: ipsec-tools: /etc/init.d/setkey restart is broken
Package: ipsec-tools
Version: 1:0.5-3
Severity: grave
Justification: user security hole
In restart target of the setkey init script setkey is run with the
following command:
$SETKEY -f $SETKEY_CONF:
This fails of course since it appends ':' to the configuration file
name. Potential security hole introduced if the init script is used to
apply new secure configuration over previous insecure one but this fails
due to the typo in the script.
Versions of packages ipsec-tools depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libreadline5 5.0-10 GNU readline and history libraries
Message-ID: <email address hidden>
Date: Fri, 25 Feb 2005 18:50:06 +0200
From: Tuomas Jormola <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: ipsec-tools: /etc/init.d/setkey restart is broken
Package: ipsec-tools
Version: 1:0.5-3
Severity: grave
Justification: user security hole
In restart target of the setkey init script setkey is run with the
following command:
$SETKEY -f $SETKEY_CONF:
This fails of course since it appends ':' to the configuration file
name. Potential security hole introduced if the init script is used to
apply new secure configuration over previous insecure one but this fails
due to the typo in the script.
-- System Information: ISO-8859- 15)
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.10
Locale: LANG=C, LC_CTYPE=fi_FI@euro (charmap=
Versions of packages ipsec-tools depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libreadline5 5.0-10 GNU readline and history libraries
-- no debconf information