[Bug 228631] security/strongswan: Update to 5.6.3 (Fixes DOS Security Vulnerabilities)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu May 31 10:18:53 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228631
Bug ID: 228631
Summary: security/strongswan: Update to 5.6.3 (Fixes DOS
Security Vulnerabilities)
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: ports-bugs at FreeBSD.org
Reporter: strongswan at Nanoteq.com
CC: garga at FreeBSD.org
Attachment #193862 maintainer-approval+
Flags:
Flags: maintainer-feedback+
Created attachment 193862
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=193862&action=edit
strongSwan 5.6.3 Update Diff
Updated to strongSwan 5.6.3
Fixes:
- Denial-of-Service Vulnerability in the IKEv2 key derivation (CVE-2018-10811)
- Denial-of-Service Vulnerability in the stroke plugin (CVE-2018-5388)
- Crash on FreeBSD that was present in 5.6.2
- The kernel-pfkey plugin optionally installs routes via internal interface
(one with an IP in the local traffic selector). On FreeBSD, enabling this
selects the correct source IP when sending packets from the gateway itself.
Note:
The previous patch file that was added to fix the crash in 5.6.2
(files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c)
Is now removed from the update.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list