| Message ID | 20231226152535.519193-1-fontaine.fabrice@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/strongswan: security bump to version 5.9.13 | expand |
Fabrice, All, On 2023-12-26 16:25 +0100, Fabrice Fontaine spake thusly: > A vulnerability in charon-tkm related to processing DH public values was > discovered in strongSwan that can result in a buffer overflow and > potentially remote code execution. All versions since 5.3.0 are > affected. > > https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html > https://github.com/strongswan/strongswan/blob/5.9.13/NEWS > > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Applied to master, thanks. Regards, Yann E. MORIN. > --- > package/strongswan/strongswan.hash | 6 +++--- > package/strongswan/strongswan.mk | 2 +- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/package/strongswan/strongswan.hash b/package/strongswan/strongswan.hash > index de8f18747a..ed8cf0ae31 100644 > --- a/package/strongswan/strongswan.hash > +++ b/package/strongswan/strongswan.hash > @@ -1,7 +1,7 @@ > -# From http://download.strongswan.org/strongswan-5.9.11.tar.bz2.md5 > -md5 673e194cd256af77b46928179f2c81ad strongswan-5.9.11.tar.bz2 > +# From http://download.strongswan.org/strongswan-5.9.13.tar.bz2.md5 > +md5 9ada6be0c89846fb7ded1787a17cfbb2 strongswan-5.9.13.tar.bz2 > # Calculated based on the hash above > -sha256 ddf53f1f26ad26979d5f55e8da95bd389552f5de3682e35593f9a70b2584ed2d strongswan-5.9.11.tar.bz2 > +sha256 56e30effb578fd9426d8457e3b76c8c3728cd8a5589594b55649b2719308ba55 strongswan-5.9.13.tar.bz2 > # Locally calculated > sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING > sha256 2292e21797754548dccdef9eef6aee7584e552fbd890fa914e1de8d3577d23f0 LICENSE > diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk > index 6058631696..36cb72f6be 100644 > --- a/package/strongswan/strongswan.mk > +++ b/package/strongswan/strongswan.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > > -STRONGSWAN_VERSION = 5.9.11 > +STRONGSWAN_VERSION = 5.9.13 > STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2 > STRONGSWAN_SITE = http://download.strongswan.org > STRONGSWAN_LICENSE = GPL-2.0+ > -- > 2.43.0 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes: > A vulnerability in charon-tkm related to processing DH public values was > discovered in strongSwan that can result in a buffer overflow and > potentially remote code execution. All versions since 5.3.0 are > affected. > https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html > https://github.com/strongswan/strongswan/blob/5.9.13/NEWS > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Committed to 2023.02.x and 2023.11.x, thanks.
diff --git a/package/strongswan/strongswan.hash b/package/strongswan/strongswan.hash index de8f18747a..ed8cf0ae31 100644 --- a/package/strongswan/strongswan.hash +++ b/package/strongswan/strongswan.hash @@ -1,7 +1,7 @@ -# From http://download.strongswan.org/strongswan-5.9.11.tar.bz2.md5 -md5 673e194cd256af77b46928179f2c81ad strongswan-5.9.11.tar.bz2 +# From http://download.strongswan.org/strongswan-5.9.13.tar.bz2.md5 +md5 9ada6be0c89846fb7ded1787a17cfbb2 strongswan-5.9.13.tar.bz2 # Calculated based on the hash above -sha256 ddf53f1f26ad26979d5f55e8da95bd389552f5de3682e35593f9a70b2584ed2d strongswan-5.9.11.tar.bz2 +sha256 56e30effb578fd9426d8457e3b76c8c3728cd8a5589594b55649b2719308ba55 strongswan-5.9.13.tar.bz2 # Locally calculated sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING sha256 2292e21797754548dccdef9eef6aee7584e552fbd890fa914e1de8d3577d23f0 LICENSE diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk index 6058631696..36cb72f6be 100644 --- a/package/strongswan/strongswan.mk +++ b/package/strongswan/strongswan.mk @@ -4,7 +4,7 @@ # ################################################################################ -STRONGSWAN_VERSION = 5.9.11 +STRONGSWAN_VERSION = 5.9.13 STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2 STRONGSWAN_SITE = http://download.strongswan.org STRONGSWAN_LICENSE = GPL-2.0+
A vulnerability in charon-tkm related to processing DH public values was discovered in strongSwan that can result in a buffer overflow and potentially remote code execution. All versions since 5.3.0 are affected. https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html https://github.com/strongswan/strongswan/blob/5.9.13/NEWS Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> --- package/strongswan/strongswan.hash | 6 +++--- package/strongswan/strongswan.mk | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-)