From owner-freebsd-ports-bugs@freebsd.org  Mon Feb 19 12:58:32 2018
Return-Path: <owner-freebsd-ports-bugs@freebsd.org>
Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id EC03CF24274
 for <freebsd-ports-bugs@mailman.ysv.freebsd.org>;
 Mon, 19 Feb 2018 12:58:31 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.ysv.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 86A4573F57
 for <freebsd-ports-bugs@FreeBSD.org>; Mon, 19 Feb 2018 12:58:31 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id B944A12F2B
 for <freebsd-ports-bugs@FreeBSD.org>; Mon, 19 Feb 2018 12:58:30 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id w1JCwUBO044356
 for <freebsd-ports-bugs@FreeBSD.org>; Mon, 19 Feb 2018 12:58:30 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
 by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id w1JCwUM4044353
 for freebsd-ports-bugs@FreeBSD.org; Mon, 19 Feb 2018 12:58:30 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to
 bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 226043] security/strongswan: Update to 5.6.2 [CVE-2018-6459]
Date: Mon, 19 Feb 2018 12:58:30 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: strongswan@Nanoteq.com
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-ports-bugs@FreeBSD.org
X-Bugzilla-Flags: maintainer-feedback+
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
 flagtypes.name attachments.created
Message-ID: <bug-226043-13@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs/>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Feb 2018 12:58:32 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D226043

            Bug ID: 226043
           Summary: security/strongswan: Update to 5.6.2 [CVE-2018-6459]
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs@FreeBSD.org
          Reporter: strongswan@Nanoteq.com
 Attachment #190795 maintainer-approval+
             Flags:
             Flags: maintainer-feedback+

Created attachment 190795
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D190795&action=
=3Dedit
Update strongswan to 5.6.2

Update strongswan to 5.6.2 to fix vulnerability CVE-2018-6459.

https://github.com/strongswan/strongswan/blob/master/NEWS

Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures th=
at
was caused by insufficient input validation.  One of the configurable
parameters in algorithm identifier structures for RSASSA-PSS signatures is =
the
mask generation function (MGF).  Only MGF1 is currently specified for this
purpose.  However, this in turn takes itself a parameter that specifies the
underlying hash function.  strongSwan's parser did not correctly handle the
case of this parameter being absent, causing an undefined data read.
This vulnerability has been registered as CVE-2018-6459.


Bug 220488 is also fixed as part of this patch.
(https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220488)

--=20
You are receiving this mail because:
You are the assignee for the bug.=