A NULL pointer dereference in Openswan may allow remote attackers to cause Denial of Service.
|Package||net-misc/openswan on all architectures|
|Affected versions||<= 2.6.39-r1|
Openswan is an implementation of IPsec for Linux.
A NULL pointer dereference has been found in Openswan.
A remote attacker could create a Denial of Service condition.
There is no known workaround at this time.
Gentoo has discontinued support for Openswan. We recommend that users unmerge Openswan:
# emerge --unmerge "net-misc/openswan"
NOTE: The Gentoo developer(s) maintaining Openswan have discontinued support at this time. It may be possible that a new Gentoo developer will update Openswan at a later date. Alternatives packages such as Libreswan and strongSwan are currently available in Gentoo Portage.
November 23, 2014
November 23, 2014: 1