authorohauer <ohauer@FreeBSD.org>2013-05-04 02:16:35 +0800
committerohauer <ohauer@FreeBSD.org>2013-05-04 02:16:35 +0800
commit00df89247e0f3f1b5abf8f5b37653a5e4958de13 (patch)
tree9009428c4976a4a9fffba9d94decfdbfdf946459 /security
parenta9c0c865b39639dae43b6399912b1755ee480b8e (diff)
downloadfreebsd-ports-gnome-00df89247e0f3f1b5abf8f5b37653a5e4958de13.tar.gz
freebsd-ports-gnome-00df89247e0f3f1b5abf8f5b37653a5e4958de13.tar.zst
freebsd-ports-gnome-00df89247e0f3f1b5abf8f5b37653a5e4958de13.zip
- update to version 5.0.4 which fixes CVE-2013-2944.
- add entry to vuxml - add CVE references to jenkins vuxml entry while I'm here remove .sh from rc script PR: ports/178266 Submitted by: David Shane Holden <dpejesh@yahoo.com> Approved by: strongswan@nanoteq.com (maintainer)
Diffstat (limited to 'security')
-rw-r--r--security/strongswan/Makefile4
-rw-r--r--security/strongswan/distinfo4
-rw-r--r--security/strongswan/files/strongswan.in (renamed from security/strongswan/files/strongswan.sh.in)0
-rw-r--r--security/strongswan/pkg-plist3
-rw-r--r--security/vuxml/vuln.xml34
5 files changed, 41 insertions, 4 deletions
diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile
index 32a35f845546..a5e194200285 100644
--- a/security/strongswan/Makefile
+++ b/security/strongswan/Makefile
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= strongswan
-PORTVERSION= 5.0.1
+PORTVERSION= 5.0.4
CATEGORIES= security
MASTER_SITES= http://download.strongswan.org/ \
http://download2.strongswan.org/
@@ -15,7 +15,7 @@ LIB_DEPENDS= execinfo:${PORTSDIR}/devel/libexecinfo
USE_BZIP2= yes
USE_OPENSSL= yes
USE_AUTOTOOLS= libtool
-USE_RC_SUBR= strongswan.sh
+USE_RC_SUBR= strongswan
GNU_CONFIGURE= yes
USE_LDCONFIG= yes
diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo
index 05d53887153a..ff76032d4df9 100644
--- a/security/strongswan/distinfo
+++ b/security/strongswan/distinfo
@@ -1,2 +1,2 @@
-SHA256 (strongswan-5.0.1.tar.bz2) = 1a4dff19ef69d15e0b90b1ea80bd183235ac73b4ecd114aab58ed54de0f5c3b4
-SIZE (strongswan-5.0.1.tar.bz2) = 3146776
+SHA256 (strongswan-5.0.4.tar.bz2) = 3ec66d64046f652ab7556b3be8f9be8981fd32ef4a11e3e461a04d658928bfe2
+SIZE (strongswan-5.0.4.tar.bz2) = 3412930
diff --git a/security/strongswan/files/strongswan.sh.in b/security/strongswan/files/strongswan.in
index 75544f4b67aa..75544f4b67aa 100644
--- a/security/strongswan/files/strongswan.sh.in
+++ b/security/strongswan/files/strongswan.in
diff --git a/security/strongswan/pkg-plist b/security/strongswan/pkg-plist
index 645d4737a74c..170f10d7377e 100644
--- a/security/strongswan/pkg-plist
+++ b/security/strongswan/pkg-plist
@@ -91,6 +91,9 @@ lib/ipsec/plugins/libstrongswan-pgp.so
lib/ipsec/plugins/libstrongswan-pkcs1.a
lib/ipsec/plugins/libstrongswan-pkcs1.la
lib/ipsec/plugins/libstrongswan-pkcs1.so
+lib/ipsec/plugins/libstrongswan-pkcs7.a
+lib/ipsec/plugins/libstrongswan-pkcs7.la
+lib/ipsec/plugins/libstrongswan-pkcs7.so
lib/ipsec/plugins/libstrongswan-pkcs8.a
lib/ipsec/plugins/libstrongswan-pkcs8.la
lib/ipsec/plugins/libstrongswan-pkcs8.so
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 5f3e37597f0a..807055efdfff 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -51,6 +51,36 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="6ff570cb-b418-11e2-b279-20cf30e32f6d">
+ <topic>strongSwan -- ECDSA signature verification issue</topic>
+ <affects>
+ <package>
+ <name>strongswan</name>
+ <range><lt>5.0.4</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>strongSwan security team reports:</p>
+ <blockquote cite="http://www.strongswan.org/blog/2013/04/30/strongswan-5.0.4-released-%28cve-2013-2944%29.html">
+ <p>If the openssl plugin is used for ECDSA signature verification an empty,
+ zeroed or otherwise invalid signature is handled as a legitimate one.
+ Both IKEv1 and IKEv2 are affected.</p>
+ <p>Affected are only installations that have enabled and loaded the OpenSSL
+ crypto backend (--enable-openssl). Builds using the default crypto backends
+ are not affected.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2013-2944</cvename>
+ </references>
+ <dates>
+ <discovery>2013-05-03</discovery>
+ <entry>2013-05-03</entry>
+ </dates>
+ </vuln>
+
<vuln vid="622e14b1-b40c-11e2-8441-00e0814cab4e">
<topic>jenkins -- multiple vulnerabilities</topic>
<affects>
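Review bot: The new strongswan entry sets `<discovery>2013-05-03</discovery>`, but the advisory it quotes is dated 2013-04-30 according to the blockquote's cite URL, so the discovery date looks copied from the entry date; `<discovery>2013-04-30</discovery>` would match the source. The `<references>` block carries only `<cvename>CVE-2013-2944</cvename>`; repeating the cite URL there as a `<url>` element would keep the upstream advisory visible to tools that read references rather than the description body. The range `<lt>5.0.4</lt>` has no lower bound, and the quoted text limits the issue to builds that load the openssl plugin, so it is worth confirming against the upstream advisory whether a `<ge>` bound applies. An over-broad range is the safe direction for an audit database, but it will flag installations that were never exposed.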
@@ -100,6 +130,10 @@ Note: Please add new entries to the beginning of this file.
</description>
<references>
<url>https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02</url>
+ <cvename>CVE-2013-2034</cvename>
+ <cvename>CVE-2013-2033</cvename>
+ <cvename>CVE-2013-2034</cvename>
+ <cvename>CVE-2013-1808</cvename>
</references>
<dates>
<discovery>2013-05-02</discovery>
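Review bot: `<cvename>CVE-2013-2034</cvename>` is added twice in this hunk, as the first and third of the four new lines, so the references list carries a redundant entry. If the advisory assigns that one CVE to two separate issues, a single line is enough; if a different identifier was intended for the third line, it should be checked against the Jenkins advisory linked on the `<url>` line just above. As written the entry reads as covering four CVEs while only three distinct ids are listed. The enclosing jenkins `<vuln>` element starts and ends outside the hunk.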