author | ohauer <ohauer@FreeBSD.org> | 2013-05-04 02:16:35 +0800 |
---|---|---|
committer | ohauer <ohauer@FreeBSD.org> | 2013-05-04 02:16:35 +0800 |
commit | 00df89247e0f3f1b5abf8f5b37653a5e4958de13 (patch) | |
tree | 9009428c4976a4a9fffba9d94decfdbfdf946459 /security | |
parent | a9c0c865b39639dae43b6399912b1755ee480b8e (diff) | |
- update to version 5.0.4 which fixes CVE-2013-2944.
- add entry to vuxml
- add CVE references to jenkins vuxml entry
while I'm here remove .sh from rc script
PR: ports/178266
Submitted by: David Shane Holden <dpejesh@yahoo.com>
Approved by: strongswan@nanoteq.com (maintainer)
Diffstat (limited to 'security')
-rw-r--r-- | security/strongswan/Makefile | 4 |
-rw-r--r-- | security/strongswan/distinfo | 4 |
-rw-r--r-- | security/strongswan/files/strongswan.in (renamed from security/strongswan/files/strongswan.sh.in) | 0 |
-rw-r--r-- | security/strongswan/pkg-plist | 3 |
-rw-r--r-- | security/vuxml/vuln.xml | 34 |
5 files changed, 41 insertions, 4 deletions
diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile index 32a35f845546..a5e194200285 100644 --- a/security/strongswan/Makefile +++ b/security/strongswan/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= strongswan -PORTVERSION= 5.0.1 +PORTVERSION= 5.0.4 CATEGORIES= security MASTER_SITES= http://download.strongswan.org/ \ http://download2.strongswan.org/ @@ -15,7 +15,7 @@ LIB_DEPENDS= execinfo:${PORTSDIR}/devel/libexecinfo USE_BZIP2= yes USE_OPENSSL= yes USE_AUTOTOOLS= libtool -USE_RC_SUBR= strongswan.sh +USE_RC_SUBR= strongswan GNU_CONFIGURE= yes USE_LDCONFIG= yes diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo index 05d53887153a..ff76032d4df9 100644 --- a/security/strongswan/distinfo +++ b/security/strongswan/distinfo @@ -1,2 +1,2 @@ -SHA256 (strongswan-5.0.1.tar.bz2) = 1a4dff19ef69d15e0b90b1ea80bd183235ac73b4ecd114aab58ed54de0f5c3b4 -SIZE (strongswan-5.0.1.tar.bz2) = 3146776 +SHA256 (strongswan-5.0.4.tar.bz2) = 3ec66d64046f652ab7556b3be8f9be8981fd32ef4a11e3e461a04d658928bfe2 +SIZE (strongswan-5.0.4.tar.bz2) = 3412930 diff --git a/security/strongswan/files/strongswan.sh.in b/security/strongswan/files/strongswan.in index 75544f4b67aa..75544f4b67aa 100644 --- a/security/strongswan/files/strongswan.sh.in +++ b/security/strongswan/files/strongswan.in diff --git a/security/strongswan/pkg-plist b/security/strongswan/pkg-plist index 645d4737a74c..170f10d7377e 100644 --- a/security/strongswan/pkg-plist +++ b/security/strongswan/pkg-plist @@ -91,6 +91,9 @@ lib/ipsec/plugins/libstrongswan-pgp.so lib/ipsec/plugins/libstrongswan-pkcs1.a lib/ipsec/plugins/libstrongswan-pkcs1.la lib/ipsec/plugins/libstrongswan-pkcs1.so +lib/ipsec/plugins/libstrongswan-pkcs7.a +lib/ipsec/plugins/libstrongswan-pkcs7.la +lib/ipsec/plugins/libstrongswan-pkcs7.so lib/ipsec/plugins/libstrongswan-pkcs8.a lib/ipsec/plugins/libstrongswan-pkcs8.la lib/ipsec/plugins/libstrongswan-pkcs8.so 
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 5f3e37597f0a..807055efdfff 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,36 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="6ff570cb-b418-11e2-b279-20cf30e32f6d"> + <topic>strongSwan -- ECDSA signature verification issue</topic> + <affects> + <package> + <name>strongswan</name> + <range><lt>5.0.4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>strongSwan security team reports:</p> + <blockquote cite="http://www.strongswan.org/blog/2013/04/30/strongswan-5.0.4-released-%28cve-2013-2944%29.html"> + <p>If the openssl plugin is used for ECDSA signature verification an empty, + zeroed or otherwise invalid signature is handled as a legitimate one. + Both IKEv1 and IKEv2 are affected.</p> + <p>Affected are only installations that have enabled and loaded the OpenSSL + crypto backend (--enable-openssl). Builds using the default crypto backends + are not affected.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2013-2944</cvename> + </references> + <dates> + <discovery>2013-05-03</discovery> + <entry>2013-05-03</entry> + </dates> + </vuln> + <vuln vid="622e14b1-b40c-11e2-8441-00e0814cab4e"> <topic>jenkins -- multiple vulnerabilities</topic> <affects> @@ -100,6 +130,10 @@ Note: Please add new entries to the beginning of this file. </description> <references> <url>https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02</url> + <cvename>CVE-2013-2034</cvename> + <cvename>CVE-2013-2033</cvename> + <cvename>CVE-2013-2034</cvename> + <cvename>CVE-2013-1808</cvename> </references> <dates> <discovery>2013-05-02</discovery> |
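Review bot: In the jenkins `<references>` block of security/vuxml/vuln.xml, `<cvename>CVE-2013-2034</cvename>` is added twice (the first and third of the four new lines). Drop the duplicate, or, if a different identifier was meant for one of the two lines, replace it with that one so the entry lists each CVE once.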
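Review bot: In the new strongswan entry of security/vuxml/vuln.xml, `<discovery>` is set to 2013-05-03, the same value as `<entry>`, while the cited strongswan.org blog URL carries the date 2013/04/30. The discovery date should reflect when the issue was disclosed rather than when the entry was written, so 2013-04-30 looks like the better value. Separately, the quoted advisory limits the issue to builds that load the openssl plugin, and the Makefile context shows `USE_OPENSSL= yes`; a short sentence in the entry saying whether the port's default build enables that plugin would tell users of the package whether they are affected.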
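Review bot: The switch to `USE_RC_SUBR= strongswan` in security/strongswan/Makefile, together with the rename of files/strongswan.sh.in to files/strongswan.in, changes the name of the installed rc script, so anything that calls the script by its old strongswan.sh name stops working after the upgrade. None of the files under security/ in this diff carries a notice about that; if it is not covered elsewhere, a short note for users about the renamed script would help. The three libstrongswan-pkcs7 entries added to pkg-plist are also not mentioned in the commit message, and a line there noting that 5.0.4 adds the plugin would make the plist change easier to trace.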