Re: CVE request for unfixed CVE-2013-6466 in openswan-2.6.40

[cve-assign () mitre org]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> openswan-2.6.40 (released Feb 14) was supposed to address
> CVE-2013-6466 (which also affected libreswan as per CVE-2013-6467) but
> the fix is incomplete and openswan can still crashed using mangled or
> missing IKEv2 payloads.

Use CVE-2014-2037.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTBY7oAAoJEKllVAevmvmsWv4IAMg8NTfLA7HMt7U2ADHuVLpX
htKO2JV7dXuFgiHj6WCjs5DCIlVALDLFqjbqC0MjDFEX/NPRuMxq+C+yYIurq+mS
YXsIZqsJaPm5sX4aJ1KlFlt1eWpPjdpBicaxE5g83kc38Cip0DxER0ZSPuPt8+o7
302LY4lIkRLbTcrNCGjJjatj1VVskaWqMDTZSzS4tqIuBmGBUjaEBr+3BDHy6k4q
6hUMzpIf/slDG9d+NUTxu2tx1tcuPRvHC8R22W6MVd/zKegYcNfGpczBe0upRpz3
1UkzZCKN5Zo7TuOKSByV82QGp7md/HBuL+Jmvw3ZQB0tr0MgvoOC2r3i5iYGtU8=
=X4Ym
-----END PGP SIGNATURE-----