- update to version 5.0.4 which fixes CVE-2013-2944.
- add entry to vuxml
- add CVE references to jenkins vuxml entry

while I'm here remove .sh from rc script

PR: ports/178266
Submitted by: David Shane Holden <dpejesh@yahoo.com>
Approved by: strongswan@nanoteq.com (maintainer)
parent 09b9dd6fc5
commit 7ee3843173
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=317229
5 changed files with 41 additions and 4 deletions
|
@ -2,7 +2,7 @@
|
|||
# $FreeBSD$
|
||||
|
||||
PORTNAME= strongswan
|
||||
PORTVERSION= 5.0.1
|
||||
PORTVERSION= 5.0.4
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= http://download.strongswan.org/ \
|
||||
http://download2.strongswan.org/
|
||||
|
@ -15,7 +15,7 @@ LIB_DEPENDS= execinfo:${PORTSDIR}/devel/libexecinfo
|
|||
USE_BZIP2= yes
|
||||
USE_OPENSSL= yes
|
||||
USE_AUTOTOOLS= libtool
|
||||
USE_RC_SUBR= strongswan.sh
|
||||
USE_RC_SUBR= strongswan
|
||||
GNU_CONFIGURE= yes
|
||||
USE_LDCONFIG= yes
|
||||
|
||||
|
|
|
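Review bot: The `USE_RC_SUBR= strongswan` line now expects its template at files/strongswan.in, but no rename of files/strongswan.sh.in appears among the hunks shown here; confirm the rename is part of this commit, otherwise the port will not find its rc script template. The installed script also moves from etc/rc.d/strongswan.sh to etc/rc.d/strongswan, so a short entry in UPDATING or pkg-message would help administrators whose startup or monitoring tooling calls the old path.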
@ -1,2 +1,2 @@
|
|||
SHA256 (strongswan-5.0.1.tar.bz2) = 1a4dff19ef69d15e0b90b1ea80bd183235ac73b4ecd114aab58ed54de0f5c3b4
|
||||
SIZE (strongswan-5.0.1.tar.bz2) = 3146776
|
||||
SHA256 (strongswan-5.0.4.tar.bz2) = 3ec66d64046f652ab7556b3be8f9be8981fd32ef4a11e3e461a04d658928bfe2
|
||||
SIZE (strongswan-5.0.4.tar.bz2) = 3412930
|
||||
|
|
|
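Review bot: The new SHA256 line for strongswan-5.0.4.tar.bz2 is the only integrity check on the tarball, because both MASTER_SITES entries in the Makefile are plain http:// URLs. Please state in the PR how the value was obtained, ideally by comparing it against a checksum or signature that upstream publishes for the release, rather than regenerating it from whatever the http download returned.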
@ -91,6 +91,9 @@ lib/ipsec/plugins/libstrongswan-pgp.so
|
|||
lib/ipsec/plugins/libstrongswan-pkcs1.a
|
||||
lib/ipsec/plugins/libstrongswan-pkcs1.la
|
||||
lib/ipsec/plugins/libstrongswan-pkcs1.so
|
||||
lib/ipsec/plugins/libstrongswan-pkcs7.a
|
||||
lib/ipsec/plugins/libstrongswan-pkcs7.la
|
||||
lib/ipsec/plugins/libstrongswan-pkcs7.so
|
||||
lib/ipsec/plugins/libstrongswan-pkcs8.a
|
||||
lib/ipsec/plugins/libstrongswan-pkcs8.la
|
||||
lib/ipsec/plugins/libstrongswan-pkcs8.so
|
||||
|
|
|
@ -51,6 +51,36 @@ Note: Please add new entries to the beginning of this file.
|
|||
|
||||
-->
|
||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||
<vuln vid="6ff570cb-b418-11e2-b279-20cf30e32f6d">
|
||||
<topic>strongSwan -- ECDSA signature verification issue</topic>
|
||||
<affects>
|
||||
<package>
|
||||
<name>strongswan</name>
|
||||
<range><lt>5.0.4</lt></range>
|
||||
</package>
|
||||
</affects>
|
||||
<description>
|
||||
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||
<p>strongSwan security team reports:</p>
|
||||
<blockquote cite="http://www.strongswan.org/blog/2013/04/30/strongswan-5.0.4-released-%28cve-2013-2944%29.html">
|
||||
<p>If the openssl plugin is used for ECDSA signature verification an empty,
|
||||
zeroed or otherwise invalid signature is handled as a legitimate one.
|
||||
Both IKEv1 and IKEv2 are affected.</p>
|
||||
<p>Affected are only installations that have enabled and loaded the OpenSSL
|
||||
crypto backend (--enable-openssl). Builds using the default crypto backends
|
||||
are not affected.</p>
|
||||
</blockquote>
|
||||
</body>
|
||||
</description>
|
||||
<references>
|
||||
<cvename>CVE-2013-2944</cvename>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2013-05-03</discovery>
|
||||
<entry>2013-05-03</entry>
|
||||
</dates>
|
||||
</vuln>
|
||||
|
||||
<vuln vid="622e14b1-b40c-11e2-8441-00e0814cab4e">
|
||||
<topic>jenkins -- multiple vulnerabilities</topic>
|
||||
<affects>
|
||||
|
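Review bot: The `<discovery>2013-05-03</discovery>` value in the new strongswan entry does not match the advisory it quotes, whose URL is dated 2013/04/30; `<discovery>` should carry the disclosure date and only `<entry>` the day the record was added. The `<references>` block also lists only the `<cvename>`, so add a `<url>` pointing at the release announcement already used in the blockquote `cite`, as the jenkins entry below does. Finally, `<lt>5.0.4</lt>` flags every build although the quoted text limits the issue to installations with the OpenSSL backend enabled; a sentence in the description saying whether the port enables that plugin would let readers of the audit output judge their exposure.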
@ -100,6 +130,10 @@ Note: Please add new entries to the beginning of this file.
|
|||
</description>
|
||||
<references>
|
||||
<url>https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02</url>
|
||||
<cvename>CVE-2013-2034</cvename>
|
||||
<cvename>CVE-2013-2033</cvename>
|
||||
<cvename>CVE-2013-2034</cvename>
|
||||
<cvename>CVE-2013-1808</cvename>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2013-05-02</discovery>
|
||||
|
|
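Review bot: `<cvename>CVE-2013-2034</cvename>` appears twice in the jenkins `<references>` block, once before and once after CVE-2013-2033. One of the two is either a plain duplicate or a mistyped identifier; check it against the Jenkins Security Advisory 2013-05-02 linked in the `<url>` line and either drop the repeat or correct the number.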