From b37cda8211ec08b5301a339cf9b01523380d9688 Mon Sep 17 00:00:00 2001
From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Thu, 18 Sep 2008 00:34:31 +0000
Subject: [PATCH] completed NEWS for 4.2.7 release

---
 NEWS | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/NEWS b/NEWS
index 12faf5b0e..ecf9da7e3 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,12 @@
 strongswan-4.2.7
 ----------------
 
+- Fixed a Denial-of-Service vulnerability where an IKE_SA_INIT message with
+  a KE payload containing zeroes only can cause a crash of the IKEv2 charon
+  daemon due to a NULL pointer returned by the mpz_export() function of the
+  GNU Multiprecision Library (GMP). Thanks go to Mu Dynamics Research Labs
+  for making us aware of this problem. 
+
 - The new agent plugin provides a private key implementation on top of an 
   ssh-agent.
 
@@ -11,6 +17,10 @@ strongswan-4.2.7
   explicitly --with-capabilities=libcap. Future version will support the
   newer libcap2 library.
 
+- ipsec listalgs lists the IKEv2 cryptografic algorithms registered with the
+  charon keying daemon.
+
+
 strongswan-4.2.6
 ----------------