This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Up2Date 8.304 Soft-Release

Hi everyone, we have made available ASG V8.304 as a soft-release. This is specifically to address a vulnerability in IPSec which was recently published. As such, this security Up2Date should be applied as soon as possible if you use IPSec.
*Due to the security-related nature of this package, we will GA push this tomorrow, on the 24th of May.

Up2Date 8.304 Details
News:
• Fix IPsec Vulnerability

Remarks:
• System will be rebooted

Bugfixes:
• no Bugfixes in this release

Download:
Link: ftp://ftp.astaro.de/ASG/v8/up2date/u2d-sys-8.304.tgz.gpg
Size: ~1.5MB
MD5: 77484d31557421f5e65d66438499ea8a

This thread was automatically locked due to age.

Parents

0 ulmi over 13 years ago

As far as I know 7.5 is not affected, but all V8 versions are. I would definitely recommend you to update if you are using IPsec.
Cancel
Vote Up 0 Vote Down

Cancel
0 firewalker over 13 years ago in reply to ulmi

Guys @Astaro,

please tell us WHAT exactly is broken in IPSEC that needs to be fixed in 8.304?

There is absolutely NO information alvailable at all and that makes me feel a bit sick!!

Is it possible to get root access to a firewall through that IPSEC bug?
Is it "just" possible to DoS a system?

Please let us know what has been fixed and why!

Regards
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 firewalker over 13 years ago in reply to ulmi

Guys @Astaro,

please tell us WHAT exactly is broken in IPSEC that needs to be fixed in 8.304?

There is absolutely NO information alvailable at all and that makes me feel a bit sick!!

Is it possible to get root access to a firewall through that IPSEC bug?
Is it "just" possible to DoS a system?

Please let us know what has been fixed and why!

Regards
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data