Two vulnerabilities have been discovered in openswan, an IPSec implementation for linux. The Common Vulnerabilities and Exposures project identifies the following problems:
Dmitry E. Oboukhov discovered that the livetest tool is using temporary files insecurely, which could lead to a denial of service attack.
Gerd v. Egidy discovered that the Pluto IKE daemon in openswan is prone to a denial of service attack via a malicious packet.
For the oldstable distribution (etch), this problem has been fixed in version 2.4.6+dfsg.2-1.1+etch1.
For the stable distribution (lenny), this problem has been fixed in version 2.4.12+dfsg-1.3+lenny1.
For the testing distribution (squeeze) and the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your openswan packages.