Date: Sun, 03 Jun 2018 12:08:44 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 228631] security/strongswan: Update to 5.6.3 (Fixes DOS Security Vulnerabilities) Message-ID: <bug-228631-7788-YWQP5v8x7H@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-228631-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-228631-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D228631 --- Comment #4 from commit-hook@freebsd.org --- A commit references this bug: Author: krion Date: Sun Jun 3 12:07:42 UTC 2018 New revision: 471490 URL: https://svnweb.freebsd.org/changeset/ports/471490 Log: MFH: r471205 Update to 5.6.3 Fixes: - Denial-of-Service Vulnerability in the IKEv2 key derivation (CVE-2018-10811) - Denial-of-Service Vulnerability in the stroke plugin (CVE-2018-5388) - Crash on FreeBSD that was present in 5.6.2 - The kernel-pfkey plugin optionally installs routes via internal interface (one with an IP in the local traffic selector). On FreeBSD, enabling this selects the correct source IP when sending packets from the gateway itself. PR: 228631 Submitted by: maintainer Approved by: ports-secteam Changes: _U branches/2018Q2/ branches/2018Q2/security/strongswan/Makefile branches/2018Q2/security/strongswan/distinfo =20 branches/2018Q2/security/strongswan/files/patch-src_libcharon_sa_ikev2_auth= enticators_pubkey_authenticator.c --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-228631-7788-YWQP5v8x7H>