Google Git
Sign in
android-kvm / buildroot / b79d735139282ecf052dc89d4c221bbd16447112
commitb79d735139282ecf052dc89d4c221bbd16447112[log] [tgz]
authorFabrice Fontaine <fontaine.fabrice@gmail.com>Fri Nov 04 17:18:51 2022 +0100
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>Sat Nov 05 21:03:08 2022 +0100
tree82abfdcdb32ba410b548dced77c485bedd038982
parent0b4a9930124f7fb4c7bfae281db900905006a2da [diff]
package/strongswan: security bump to version 5.9.8

Fixed a vulnerability related to online certificate revocation checking
that was caused because the revocation plugin used potentially untrusted
OCSP URIs and CRL distribution points in certificates. This allowed a
remote attacker to initiate IKE_SAs and send crafted certificates that
contain URIs pointing to servers under their control, which could have
lead to a denial-of-service attack. This vulnerability has been
registered as CVE-2022-40617.

Drop patch (already in version)

https://www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html
https://github.com/strongswan/strongswan/releases/tag/5.9.6
https://github.com/strongswan/strongswan/releases/tag/5.9.7
https://github.com/strongswan/strongswan/releases/tag/5.9.8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
3 files changed
tree: 82abfdcdb32ba410b548dced77c485bedd038982
  1. arch/
  2. board/
  3. boot/
  4. configs/
  5. docs/
  6. fs/
  7. linux/
  8. package/
  9. support/
  10. system/
  11. toolchain/
  12. utils/
  13. .clang-format
  14. .defconfig
  15. .flake8
  16. .gitignore
  17. .gitlab-ci.yml
  18. .shellcheckrc
  19. CHANGES
  20. Config.in
  21. Config.in.legacy
  22. COPYING
  23. DEVELOPERS
  24. Makefile
  25. Makefile.legacy
  26. README