aboutsummaryrefslogtreecommitdiffstats
path: root/security/strongswan/files
diff options
context:
space:
mode:
authorkrion <krion@FreeBSD.org>2018-05-31 20:39:51 +0800
committerkrion <krion@FreeBSD.org>2018-05-31 20:39:51 +0800
commita650e99aea2cb8f72856b86fa5976de0ddfd4c46 (patch)
tree528d366a7d8328f3f9c28e8f40cb2f9aaa8c01fb /security/strongswan/files
parentb980c120e3dc4cb993ef9f1944b27a1f95d7517a (diff)
downloadfreebsd-ports-gnome-a650e99aea2cb8f72856b86fa5976de0ddfd4c46.tar.gz
freebsd-ports-gnome-a650e99aea2cb8f72856b86fa5976de0ddfd4c46.tar.zst
freebsd-ports-gnome-a650e99aea2cb8f72856b86fa5976de0ddfd4c46.zip
Update to 5.6.3
Fixes: - Denial-of-Service Vulnerability in the IKEv2 key derivation (CVE-2018-10811) - Denial-of-Service Vulnerability in the stroke plugin (CVE-2018-5388) - Crash on FreeBSD that was present in 5.6.2 - The kernel-pfkey plugin optionally installs routes via internal interface (one with an IP in the local traffic selector). On FreeBSD, enabling this selects the correct source IP when sending packets from the gateway itself. PR: 228631 Submitted by: maintainer
Diffstat (limited to 'security/strongswan/files')
-rw-r--r--security/strongswan/files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c22
1 files changed, 0 insertions, 22 deletions
diff --git a/security/strongswan/files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c b/security/strongswan/files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c
deleted file mode 100644
index 722a2b8ceb0b..000000000000
--- a/security/strongswan/files/patch-src_libcharon_sa_ikev2_authenticators_pubkey_authenticator.c
+++ /dev/null
@@ -1,22 +0,0 @@
---- src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c.orig
-+++ src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
-@@ -164,7 +164,7 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat,
- signature_scheme_t schemes[] = {
- SIGN_RSA_EMSA_PKCS1_SHA2_384,
- SIGN_RSA_EMSA_PKCS1_SHA2_256,
-- }, contained;
-+ };
- bool found;
- int i, j;
-
-@@ -174,8 +174,8 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat,
- found = FALSE;
- for (j = 0; j < array_count(selected); j++)
- {
-- array_get(selected, j, &contained);
-- if (scheme == contained)
-+ array_get(selected, j, &config);
-+ if (scheme == config->scheme)
- {
- found = TRUE;
- break;