Date: Sat, 25 Nov 2023 21:40:19 +0700 From: Eugene Grosbein <eugen@freebsd.org> To: Florian Smeets <flo@smeets.xyz>, ports-committers@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: Re: git: 4e2c0382dd6c - main - security/strongswan: fix CVE-2023-41913 Message-ID: <5c35cf6e-ee07-f956-3572-2327f9bbc734@freebsd.org> In-Reply-To: <6cff15eb-7510-46bf-9315-cca71a6effae@smeets.xyz> References: <202311240806.3AO86SBL012871@gitrepo.freebsd.org> <6cff15eb-7510-46bf-9315-cca71a6effae@smeets.xyz>
next in thread | previous in thread | raw e-mail | index | archive | help
24.11.2023 19:02, Florian Smeets wrote: > Hi Eugene, > > did you verify whether the port is actually vulnerable? I have to admit, I did not. I run strongswan in production and mere "possibility of remote code execution" with ease patching made me apply the patch ASAP. > I had a look a couple of days ago and my impression was that we don't build charon with the TKM backend. > I only had a quick look, so maybe I was wrong and your input would be much appreciated. You are right. Also, building --with-tkm requires installing devel/gprbuild first.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5c35cf6e-ee07-f956-3572-2327f9bbc734>