{"affected":[{"ecosystem_specific":{"binaries":[{"ipsec-tools":"0.7.3-1.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP3","name":"ipsec-tools","purl":"pkg:rpm/suse/ipsec-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.3-1.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ipsec-tools":"0.7.3-1.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP3-TERADATA","name":"ipsec-tools","purl":"pkg:rpm/suse/ipsec-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.3-1.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ipsec-tools":"0.7.3-1.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 11 SP3","name":"ipsec-tools","purl":"pkg:rpm/suse/ipsec-tools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.3-1.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ipsec-tools":"0.7.3-1.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4","name":"ipsec-tools","purl":"pkg:rpm/suse/ipsec-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.3-1.13.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ipsec-tools":"0.7.3-1.13.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 11 SP4","name":"ipsec-tools","purl":"pkg:rpm/suse/ipsec-tools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.3-1.13.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"ipsec-tools was updated to fix one security issue and a bug.\n\nThis security issue was fixed:\n\n- CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests (bsc#931989).\n\nDue to a packaging error, the racoonf.conf config file was symlinked to /usr/share/doc/packages/ipsec-tools/examples/racoon/samples/racoon.conf\non some processor platforms, edits might have happened only in this example file.\n\nBefore upgrading, please check if /etc/racoon/racoon.conf is a symlink to this example file and backup the content. (bsc#939810)\n  ","id":"SUSE-SU-2015:1367-1","modified":"2015-08-06T10:04:53Z","published":"2015-08-06T10:04:53Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20151367-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/931989"},{"type":"REPORT","url":"https://bugzilla.suse.com/939810"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-4047"}],"related":["CVE-2015-4047"],"summary":"Security update for ipsec-tools","upstream":["CVE-2015-4047"]}