Date: Thu, 15 May 2014 08:28:52 +1000 From: Dewayne Geraghty <dewayne.geraghty@heuristicsystems.com.au> To: freebsd-ports@freebsd.org Cc: strongswan@nanoteq.com Subject: Committer to address 2 CVE's against strongswan Message-ID: <5373EE24.4030007@heuristicsystems.com.au> In-Reply-To: <CAHv72r4=jREo7R3xCP3yO9dnF_Oc-5ecLPz=m-RHADPhizc-fQ@mail.gmail.com> References: <CAHv72r4=jREo7R3xCP3yO9dnF_Oc-5ecLPz=m-RHADPhizc-fQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Strongswan 5.1.1 has two CVE's that are corrected in the 5.1.3 release. The maintainer has provided a patch on 8th May, thank-you Francois. The patch applies cleanly and the patched strongswan 5.1.3 installs and functions correctly. I've installed it on two FreeBSD 9.2 (Stable) VPN servers, and other tunnelling firewalls. It would be appreciated if a ports committer could provide this patch for the rest of the user-base, via a strongswan port update. Refer: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/189132 CVE's that are addressed: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2338 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2891 Regards, Dewayne.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5373EE24.4030007>