pkg/32158: pkgsrc ipsec-tools vuln, can't upgrade

To: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/32158: pkgsrc ipsec-tools vuln, can't upgrade
From: peter%boku.net@localhost
Date: Thu, 24 Nov 2005 14:14:00 +0000 (UTC)

>Number:         32158
>Category:       pkg
>Synopsis:       pkgsrc ipsec-tools vuln, can't upgrade
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Nov 24 14:14:00 +0000 2005
>Originator:     Peter Eisch
>Release:        NetBSD-2.0.2_STABLE
>Organization:
>Environment:
NetBSD buster 2.0.2_STABLE NetBSD 2.0.2_STABLE (PETER-FW) #2: Tue Aug 16 
20:18:56 CDT 2005  
peter@buster:/builds/netbsd-2-0/i386/obj/builds/netbsd-2-0/src/sys/arch/i386/compile/PETER-FW
 i386

>Description:
current audit-packages reports:

Running /etc/security.local:
Package ipsec-tools-0.6b2 has a 1525,denial-of-service vulnerability, see 
http://secunia.com/advisories/17668/


But when I attempt to upgrade to a modern pkgsrc version I'm presented with:

===> ipsec-tools-0.6.3 is not available for NetBSD-2.0.2_STABLE-i386

Upon further review, I find:
...
ONLY_FOR_PLATFORM=      NetBSD-[3-9].*-* Linux-2.[6-9].*-*
...

How can this be?  Does this mean that I have to migrate my vpn concentrators 
(which otherwise perform nicely) to Linux to run on a stable OS release?
>How-To-Repeat:
install pkgsrc/security/ipsec-tools from 0.6.3 or earlier.
>Fix:
Reload system with RedHat.

Prev by Date: Re: pkg/32155
Next by Date: Re: pkg/32158
Previous by Thread: Re: pkg/32155
Next by Thread: Re: pkg/32158
Indexes:

Home | Main Index | Thread Index | Old Index