diff options
| author | Kirill Ponomarev <krion@FreeBSD.org> | 2018-05-31 12:39:51 +0000 |
|---|---|---|
| committer | Kirill Ponomarev <krion@FreeBSD.org> | 2018-05-31 12:39:51 +0000 |
| commit | 9ccf25ffb8d85b35eda8a61974fec6f2a22ab8bd (patch) | |
| tree | 528d366a7d8328f3f9c28e8f40cb2f9aaa8c01fb | |
| parent | Revert inadvertret change to OPTIONS_DEFAULT in previous commit (r471203). (diff) | |
Update to 5.6.3
Fixes:
- Denial-of-Service Vulnerability in the IKEv2 key derivation
(CVE-2018-10811)
- Denial-of-Service Vulnerability in the stroke plugin
(CVE-2018-5388)
- Crash on FreeBSD that was present in 5.6.2
- The kernel-pfkey plugin optionally installs routes via internal
interface (one with an IP in the local traffic selector). On
FreeBSD, enabling this selects the correct source IP when sending
packets from the gateway itself.
PR: 228631
Submitted by: maintainer
Notes
Notes:
svn path=/head/; revision=471205
| -rw-r--r-- | security/strongswan/Makefile | 3 | ||||
| -rw-r--r-- | security/strongswan/distinfo | 6 | ||||
| -rw-r--r-- | security/strongswan/files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c | 22 |
3 files changed, 4 insertions, 27 deletions
diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile index 1dad5cadc468..fd52297d3e6a 100644 --- a/security/strongswan/Makefile +++ b/security/strongswan/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= strongswan -PORTVERSION= 5.6.2 -PORTREVISION= 1 +PORTVERSION= 5.6.3 CATEGORIES= security MASTER_SITES= http://download.strongswan.org/ \ http://download2.strongswan.org/ diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo index 5d4cd46d2965..4cbb29d5ad54 100644 --- a/security/strongswan/distinfo +++ b/security/strongswan/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1519043301 -SHA256 (strongswan-5.6.2.tar.bz2) = e0a60a30ebf3c534c223559e1686497a21ded709a5d605c5123c2f52bcc22e92 -SIZE (strongswan-5.6.2.tar.bz2) = 4977859 +TIMESTAMP = 1527575366 +SHA256 (strongswan-5.6.3.tar.bz2) = c3c7dc8201f40625bba92ffd32eb602a8909210d8b3fac4d214c737ce079bf24 +SIZE (strongswan-5.6.3.tar.bz2) = 4961579 diff --git a/security/strongswan/files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c b/security/strongswan/files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c deleted file mode 100644 index 722a2b8ceb0b..000000000000 --- a/security/strongswan/files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c +++ /dev/null @@ -1,22 +0,0 @@ ---- src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c.orig -+++ src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c -@@ -164,7 +164,7 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat, - signature_scheme_t schemes[] = { - SIGN_RSA_EMSA_PKCS1_SHA2_384, - SIGN_RSA_EMSA_PKCS1_SHA2_256, -- }, contained; -+ }; - bool found; - int i, j; - -@@ -174,8 +174,8 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat, - found = FALSE; - for (j = 0; j < array_count(selected); j++) - { -- array_get(selected, j, &contained); -- if (scheme == contained) -+ array_get(selected, j, &config); -+ if (scheme == config->scheme) - { - found = TRUE; - break; |