Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/811071/?format=api
{ "id": 811071, "url": "http://patchwork.ozlabs.org/api/patches/811071/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/patch/20170907152655.23933-1-peter@korsgaard.com/", "project": { "id": 27, "url": "http://patchwork.ozlabs.org/api/projects/27/?format=api", "name": "Buildroot development", "link_name": "buildroot", "list_id": "buildroot.buildroot.org", "list_email": "buildroot@buildroot.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20170907152655.23933-1-peter@korsgaard.com>", "list_archive_url": null, "date": "2017-09-07T15:26:55", "name": "strongswan: add upstream security patch", "commit_ref": "2a59db1bb079dfd7cb40ffff7ac1cd550ff6662e", "pull_url": null, "state": "accepted", "archived": false, "hash": "3fd4febedfaaaea99421357b78b52ad24d4d3016", "submitter": { "id": 42365, "url": "http://patchwork.ozlabs.org/api/people/42365/?format=api", "name": "Peter Korsgaard", "email": "peter@korsgaard.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/buildroot/patch/20170907152655.23933-1-peter@korsgaard.com/mbox/", "series": [ { "id": 2015, "url": "http://patchwork.ozlabs.org/api/series/2015/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/list/?series=2015", "date": "2017-09-07T15:26:55", "name": "strongswan: add upstream security patch", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/2015/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/811071/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/811071/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<buildroot-bounces@busybox.net>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "buildroot@lists.busybox.net" ], "Delivered-To": [ "patchwork-incoming@bilbo.ozlabs.org", "buildroot@osuosl.org" ], "Authentication-Results": [ "ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=busybox.net\n\t(client-ip=140.211.166.136; helo=silver.osuosl.org;\n\tenvelope-from=buildroot-bounces@busybox.net;\n\treceiver=<UNKNOWN>)", "ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n\tunprotected) header.d=gmail.com header.i=@gmail.com\n\theader.b=\"DtMi439y\"; dkim-atps=neutral" ], "Received": [ "from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xp47Z2KnBz9s8J\n\tfor <incoming@patchwork.ozlabs.org>;\n\tFri, 8 Sep 2017 01:27:06 +1000 (AEST)", "from localhost (localhost [127.0.0.1])\n\tby silver.osuosl.org (Postfix) with ESMTP id 7699630364;\n\tThu, 7 Sep 2017 15:27:04 +0000 (UTC)", "from silver.osuosl.org ([127.0.0.1])\n\tby localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id DvtAlFitTCja; Thu, 7 Sep 2017 15:27:04 +0000 (UTC)", "from ash.osuosl.org (ash.osuosl.org [140.211.166.34])\n\tby silver.osuosl.org (Postfix) with ESMTP id D56EB30C66;\n\tThu, 7 Sep 2017 15:27:03 +0000 (UTC)", "from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137])\n\tby ash.osuosl.org (Postfix) with ESMTP id 816FC1C0762\n\tfor <buildroot@lists.busybox.net>;\n\tThu, 7 Sep 2017 15:27:02 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n\tby fraxinus.osuosl.org (Postfix) with ESMTP id 7A5E086CF1\n\tfor <buildroot@lists.busybox.net>;\n\tThu, 7 Sep 2017 15:27:02 +0000 (UTC)", "from fraxinus.osuosl.org ([127.0.0.1])\n\tby localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id Vl6sEf-7cxSr for <buildroot@lists.busybox.net>;\n\tThu, 7 Sep 2017 15:27:01 +0000 (UTC)", "from mail-wm0-f65.google.com (mail-wm0-f65.google.com\n\t[74.125.82.65])\n\tby fraxinus.osuosl.org (Postfix) with ESMTPS id CCF1F86C80\n\tfor <buildroot@buildroot.org>; Thu, 7 Sep 2017 15:27:00 +0000 (UTC)", "by mail-wm0-f65.google.com with SMTP id 187so1622685wmn.0\n\tfor <buildroot@buildroot.org>; Thu, 07 Sep 2017 08:27:00 -0700 (PDT)", "from dell.be.48ers.dk (d51A5BC31.access.telenet.be.\n\t[81.165.188.49]) by smtp.gmail.com with ESMTPSA id\n\tk31sm717488edb.86.2017.09.07.08.26.57\n\t(version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);\n\tThu, 07 Sep 2017 08:26:57 -0700 (PDT)", "from peko by dell.be.48ers.dk with local (Exim 4.88)\n\t(envelope-from <peko@dell.be.48ers.dk>)\n\tid 1dpyhk-0006Ej-M0; Thu, 07 Sep 2017 17:26:56 +0200" ], "X-Virus-Scanned": [ "amavisd-new at osuosl.org", "amavisd-new at osuosl.org" ], "X-Greylist": "domain auto-whitelisted by SQLgrey-1.7.6", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;\n\th=sender:from:to:cc:subject:date:message-id;\n\tbh=U9zYiHHz9g+6OYKCo+9Vd48AXkPtPYuJped917Q81Ug=;\n\tb=DtMi439yWDku06IQtNUyesTfkWrv8cSBE9a44b4jWD+uEnWS7/w+Dr9SolQKib9zpN\n\t9TU4HLYSHj2EKca6k/u4vvw0WxE2ewZWIX62wFNIwA8kH/t7DOJic65V8mKG+miHTSqc\n\tzkU5kQhQaaPkQtsG/gUeCW7noAsR/8Nv2jBUshqD4LinrdYI9qyC9NLd8i+BQVXRtrj/\n\thFc4FMzeJlUGvU33KWE020vHA5tn7sCXdoGfgyuVUUGQw02zdBMy5buseAG1YcujnOn1\n\t+y/YtQx6YTnBgaI0Jlo1c/+yTc4Z3ccsBMdZYCWrVotu0s+BBwci5oL2+h02xyd/Ex7q\n\tuBHg==", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:sender:from:to:cc:subject:date:message-id;\n\tbh=U9zYiHHz9g+6OYKCo+9Vd48AXkPtPYuJped917Q81Ug=;\n\tb=GaiMHzIqzmaYuVa7Dh3my7h+EwjjmnM1LAiigiaKIdpgofdcRpAEoKTptgwHf9saJ5\n\tbYLpW65dfMRS0Jw7dcy5qQ8NNiFc/PkX++ugYFQU7mHlhMLVanqKtBe88sHmEXmnRJgP\n\tXhqhKt5GSsp1d/QXbYuB6ntR72o0xfM+SNQ24cq+/Ro0nmliut8619ZyvpdvtdK9F1V+\n\tDhFrPlJFPqYnjvigOBIdqrhKg0geHHQOY2oAGcWsBesAM23deCJYJQ8oZMQaAAXXpYom\n\tLsrmohi9nWvNdYx2Fs9YlTUCCJpVBqqJ1qjNtSmdpRqLTn1vEK3VLOylPdfpeMGPn4GV\n\tOo5Q==", "X-Gm-Message-State": "AHPjjUiBOSIRIl+Bj3UvxdBWV6+f6TXfWvT2RC/mhlSqQ6bcDbarOrvk\n\teV1AlxLonz33t3AIapw=", "X-Google-Smtp-Source": "ADKCNb4m4okPZMH25j3DuMpcbJ2ofKlHSUnBd8ZsBNCIUXhzrGMH1f4iXpB6erS5iWBw/PwzatUvLw==", "X-Received": "by 10.80.147.228 with SMTP id o91mr2714136eda.163.1504798018851; \n\tThu, 07 Sep 2017 08:26:58 -0700 (PDT)", "From": "Peter Korsgaard <peter@korsgaard.com>", "To": "buildroot@buildroot.org", "Date": "Thu, 7 Sep 2017 17:26:55 +0200", "Message-Id": "<20170907152655.23933-1-peter@korsgaard.com>", "X-Mailer": "git-send-email 2.11.0", "Subject": "[Buildroot] [PATCH] strongswan: add upstream security patch", "X-BeenThere": "buildroot@busybox.net", "X-Mailman-Version": "2.1.18-1", "Precedence": "list", "List-Id": "Discussion and development of buildroot <buildroot.busybox.net>", "List-Unsubscribe": "<http://lists.busybox.net/mailman/options/buildroot>,\n\t<mailto:buildroot-request@busybox.net?subject=unsubscribe>", "List-Archive": "<http://lists.busybox.net/pipermail/buildroot/>", "List-Post": "<mailto:buildroot@busybox.net>", "List-Help": "<mailto:buildroot-request@busybox.net?subject=help>", "List-Subscribe": "<http://lists.busybox.net/mailman/listinfo/buildroot>,\n\t<mailto:buildroot-request@busybox.net?subject=subscribe>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Errors-To": "buildroot-bounces@busybox.net", "Sender": "\"buildroot\" <buildroot-bounces@busybox.net>" }, "content": "Fixes CVE-2017-11185: The gmp plugin in strongSwan before 5.6.0 allows\nremote attackers to cause a denial of service (NULL pointer dereference and\ndaemon crash) via a crafted RSA signature.\n\nFor more details, see\nhttps://www.strongswan.org/blog/2017/08/14/strongswan-vulnerability-%28cve-2017-11185%29.html\n\nWhile we're at it, add hashes for the license files.\n\nSigned-off-by: Peter Korsgaard <peter@korsgaard.com>\n---\n package/strongswan/strongswan.hash | 3 +++\n package/strongswan/strongswan.mk | 3 ++-\n 2 files changed, 5 insertions(+), 1 deletion(-)", "diff": "diff --git a/package/strongswan/strongswan.hash b/package/strongswan/strongswan.hash\nindex cbc4e3857a..820c712843 100644\n--- a/package/strongswan/strongswan.hash\n+++ b/package/strongswan/strongswan.hash\n@@ -5,3 +5,6 @@ sha256\tf8288faaea6a9cd8a7d413c0b76b7922be5da3dfcd01fd05cb30d2c55d3bbe89\tstrongsw\n # Locally calculated\n sha256\tf5ba7f46cf7ae81dd81bc86f9e4cfa0c5c7c6987149b3bc9c0b8bf08598a1063 strongswan-4.4.0-5.5.2_gmp_mpz_powm_sec.patch\n sha256\t03db8c7a4133e877e8992e155c046dd27ec4810d50f239abf55595f0280caf31 strongswan-5.0.0-5.5.2_asn1_choice.patch\n+sha256\tc80e02c9a5eeaf10f0a8bdde3be6375dd2833e515af03dad3a700e93c4fd041a strongswan-4.4.0-5.5.3_gmp_mpz_export.patch\n+sha256\t8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING\n+sha256\t2292e21797754548dccdef9eef6aee7584e552fbd890fa914e1de8d3577d23f0 LICENSE\ndiff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk\nindex 1070eeaf8b..30bbc6c852 100644\n--- a/package/strongswan/strongswan.mk\n+++ b/package/strongswan/strongswan.mk\n@@ -9,7 +9,8 @@ STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2\n STRONGSWAN_SITE = http://download.strongswan.org\n STRONGSWAN_PATCH = \\\n \t$(STRONGSWAN_SITE)/patches/21_gmp_mpz_powm_sec_patch/strongswan-4.4.0-5.5.2_gmp_mpz_powm_sec.patch \\\n-\t$(STRONGSWAN_SITE)/patches/22_asn1_choice_patch/strongswan-5.0.0-5.5.2_asn1_choice.patch\n+\t$(STRONGSWAN_SITE)/patches/22_asn1_choice_patch/strongswan-5.0.0-5.5.2_asn1_choice.patch \\\n+\t$(STRONGSWAN_SITE)/patches/23_gmp_mpz_export_patch/strongswan-4.4.0-5.5.3_gmp_mpz_export.patch\n STRONGSWAN_LICENSE = GPL-2.0+\n STRONGSWAN_LICENSE_FILES = COPYING LICENSE\n STRONGSWAN_DEPENDENCIES = host-pkgconf\n", "prefixes": [] }