From 7b8fbd7402ffa10cc54fb79f1b0fbe13b5d3f6a6 Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Thu, 31 Oct 2013 22:11:11 +0100 Subject: [PATCH] Added security info on CVE-2013-6075 and CVE-2013-6076 --- NEWS | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/NEWS b/NEWS index 815d8cd0c..35edec9b4 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,15 @@ strongswan-5.1.1 ---------------- +- Fixed a denial-of-service vulnerability and potential authorization bypass + triggered by a crafted ID_DER_ASN1_DN ID payload. The cause is an insufficient + length check when comparing such identities. The vulnerability has been + registered as CVE-2013-6075. + +- Fixed a denial-of-service vulnerability triggered by a crafted IKEv1 + fragmentation payload. The cause is a NULL pointer dereference. The + vulnerability has been registered as CVE-2013-6076. + - The lean stand-alone pt-tls-client can set up a RFC 6876 PT-TLS session with a strongSwan policy enforcement point which uses the tnc-pdp charon plugin.
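Review bot: both added NEWS entries omit the affected version range, so a reader of the strongswan-5.1.1 section cannot tell whether an installed release needs this upgrade; add one sentence per entry naming the versions affected. In the CVE-2013-6075 entry, "potential authorization bypass" is given without the condition under which it applies; a clause tying it to the insufficient length check when comparing ID_DER_ASN1_DN identities would let operators judge their exposure. The CVE-2013-6076 entry should also say whether the crafted IKEv1 fragmentation payload has to come from an authenticated peer, since that decides how urgent the NULL pointer dereference is for gateways reachable from untrusted networks.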