From nobody Sun Dec 10 17:22:00 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4SpBWX72SBz547JP; Sun, 10 Dec 2023 17:22:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4SpBWX68tlz3V9N; Sun, 10 Dec 2023 17:22:00 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1702228920; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=l8W7ds9SqBooWGhhP8jq4wMowHX3uKKD9JeI9r/BDVE=; b=rZbvWAfwwcIXhZuJeyI1B9EvCTOMucy63f3wjtPjPvm5588UwfBEQzlU/IC4vTGAQOd4sZ eldAQXSlGCCiqLCI3BS/vx4KcOEbn8NFYt5JWdpsmBM1LWAcGQRz6EIE10bYC/a0htxfxT 6BvvN0XAsUDHJH8SBLV9MKbdlykqXYhKLgSCsDY56w/zBYBPL7yzyiDQTa7zgr8fKfM5sZ 3ck/BNwkB6l+C5UYnLk3SEwTBHXu9JbPrr+VKt2bQeLEK+cr57DerrNYWe2Ckej9k9zMLc kO2quKuenTvKuy4se4Cg5vNL8U61xNAGE7ovCSRClnxQlpWEHaOk6yBblB+RnQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1702228920; a=rsa-sha256; cv=none; b=a10jIS8iwTk3XP225xc8ZgejGhERZcds47ybtZ5loyW+Dn3yDJ2T9mA9soUg6i6MNEG1OV T1DEMOWg7wWEaD/MIBl0pSCnnHA1KPf4rdpj865NTkfpoP6D2tzk0Rg/uT73qOwwCL6vfC R0apDR7ebBoQm7k1Yw87dqXRGcOq4zj+JHw/Zi55jQzagnT6ewNSqB3htxv+HRAiWMhKD+ heD4cANojbIzO8yv1TKArKzE8JxX4ZiWdkfsaU5JpqTinW4PW1v18AZBb4WIQsKKo7FJmE kwdnCCb3WN2mSsK7WoHjqq+GkwtkW+BfBqKk2Wk46oxieevc8bx0hi6OVlHJvw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1702228920; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=l8W7ds9SqBooWGhhP8jq4wMowHX3uKKD9JeI9r/BDVE=; b=qx62Mr0vXl5ap3fw1lx7iUT+DzV6i6aDo+RltmaccuxNrNGgOwnmrGb/hTmQ7AyaZu3Vzw qlll/y5gzAGwgik6IZKnuTGyv4Cqf8Sqt3N1DKYcV2YPcN91S9AmaGgAeOYU043Enkn8wD OAbFIxv5VL5xsebfBQ/s38rdMtzr1AnxwCgvkjq6PQMkyl7w2Eb/cw8aK2V/G0xLrhTjzq PoFRxaOUliLGiq5RcfeQHgEblfJ7mRV2Xbd9McRhBWnuxqHwvONNvT54J4Vd0dGnlPC+YP EyghvBOCe8bbN2YrhSUqcuif5abeFR8CVxssuMoHdczsXB2XyA2b6l46Hd8G+Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4SpBWX5F22zwjw; Sun, 10 Dec 2023 17:22:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BAHM0DG071041; Sun, 10 Dec 2023 17:22:00 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BAHM065071038; Sun, 10 Dec 2023 17:22:00 GMT (envelope-from git) Date: Sun, 10 Dec 2023 17:22:00 GMT Message-Id: <202312101722.3BAHM065071038@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Fernando =?utf-8?Q?Apestegu=C3=ADa?= Subject: git: 41afbdaae94c - 2023Q4 - security/strongswan: Update to 5.9.13 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: fernape X-Git-Repository: ports X-Git-Refname: refs/heads/2023Q4 X-Git-Reftype: branch X-Git-Commit: 41afbdaae94c823ac828489818cc3125a472dda4 Auto-Submitted: auto-generated The branch 2023Q4 has been updated by fernape: URL: https://cgit.FreeBSD.org/ports/commit/?id=41afbdaae94c823ac828489818cc3125a472dda4 commit 41afbdaae94c823ac828489818cc3125a472dda4 Author: Jose Luis Duran AuthorDate: 2023-12-10 16:59:53 +0000 Commit: Fernando ApesteguĂ­a CommitDate: 2023-12-10 17:21:09 +0000 security/strongswan: Update to 5.9.13 ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.13 PR: 275620 Reported by: jlduran@gmail.com MFH: 2023Q4 (security fix) Security: CVE-2023-41913 (cherry picked from commit 9d8accbe0c0d7c0db16ec9bbb50bded19db8271f) --- security/strongswan/Makefile | 5 +---- security/strongswan/distinfo | 8 +++----- security/strongswan/pkg-plist | 15 ++++++++------- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/security/strongswan/Makefile b/security/strongswan/Makefile index f6fe9d669352..b6bf781ef23e 100644 --- a/security/strongswan/Makefile +++ b/security/strongswan/Makefile @@ -1,11 +1,8 @@ PORTNAME= strongswan -DISTVERSION= 5.9.11 -PORTREVISION= 2 +DISTVERSION= 5.9.13 CATEGORIES= security net-vpn MASTER_SITES= https://download.strongswan.org/ \ https://download2.strongswan.org/ -PATCH_SITES= https://github.com/strongswan/strongswan/commit/ -PATCHFILES= a619356b5f21bfe3c13f1576eb1d16c015532ceb.patch:-p1 MAINTAINER= strongswan@nanoteq.com COMMENT= Open Source IKEv2 IPsec-based VPN solution diff --git a/security/strongswan/distinfo b/security/strongswan/distinfo index 1cccf5380f46..b24347585614 100644 --- a/security/strongswan/distinfo +++ b/security/strongswan/distinfo @@ -1,5 +1,3 @@ -TIMESTAMP = 1690493412 -SHA256 (strongswan-5.9.11.tar.bz2) = ddf53f1f26ad26979d5f55e8da95bd389552f5de3682e35593f9a70b2584ed2d -SIZE (strongswan-5.9.11.tar.bz2) = 4786552 -SHA256 (a619356b5f21bfe3c13f1576eb1d16c015532ceb.patch) = 31ba77932b88b611f1f1d54478b7d3a024f40e0bcea0b3249f2d62274e1df19f -SIZE (a619356b5f21bfe3c13f1576eb1d16c015532ceb.patch) = 3344 +TIMESTAMP = 1702006969 +SHA256 (strongswan-5.9.13.tar.bz2) = 56e30effb578fd9426d8457e3b76c8c3728cd8a5589594b55649b2719308ba55 +SIZE (strongswan-5.9.13.tar.bz2) = 4825644 diff --git a/security/strongswan/pkg-plist b/security/strongswan/pkg-plist index 4a834b334403..84f5c87bc304 100644 --- a/security/strongswan/pkg-plist +++ b/security/strongswan/pkg-plist @@ -36,8 +36,8 @@ %%GCM%%@sample %%ETCDIR%%.d/charon/gcm.conf.sample %%EAPAKA3GPP2%%@sample %%ETCDIR%%.d/charon/gmp.conf.sample @sample %%ETCDIR%%.d/charon/hmac.conf.sample -%%KDF%%@sample %%ETCDIR%%.d/charon/kdf.conf.sample %%IPSECKEY%%@sample %%ETCDIR%%.d/charon/ipseckey.conf.sample +%%KDF%%@sample %%ETCDIR%%.d/charon/kdf.conf.sample %%KERNELLIBIPSEC%%@sample %%ETCDIR%%.d/charon/kernel-libipsec.conf.sample @sample %%ETCDIR%%.d/charon/kernel-pfkey.conf.sample @sample %%ETCDIR%%.d/charon/kernel-pfroute.conf.sample @@ -49,6 +49,7 @@ %%MYSQL%%@sample %%ETCDIR%%.d/charon/mysql.conf.sample @sample %%ETCDIR%%.d/charon/nonce.conf.sample @sample %%ETCDIR%%.d/charon/openssl.conf.sample +%%VIA%%@sample %%ETCDIR%%.d/charon/padlock.conf.sample @sample %%ETCDIR%%.d/charon/pem.conf.sample @sample %%ETCDIR%%.d/charon/pgp.conf.sample @sample %%ETCDIR%%.d/charon/pkcs1.conf.sample @@ -207,6 +208,8 @@ lib/ipsec/plugins/libstrongswan-nonce.la lib/ipsec/plugins/libstrongswan-nonce.so lib/ipsec/plugins/libstrongswan-openssl.la lib/ipsec/plugins/libstrongswan-openssl.so +%%VIA%%lib/ipsec/plugins/libstrongswan-padlock.la +%%VIA%%lib/ipsec/plugins/libstrongswan-padlock.so lib/ipsec/plugins/libstrongswan-pem.la lib/ipsec/plugins/libstrongswan-pem.so lib/ipsec/plugins/libstrongswan-pgp.la @@ -285,6 +288,7 @@ libexec/ipsec/whitelist %%PKI%%man/man1/pki---gen.1.gz %%PKI%%man/man1/pki---issue.1.gz %%PKI%%man/man1/pki---keyid.1.gz +%%PKI%%man/man1/pki---ocsp.1.gz %%PKI%%man/man1/pki---pkcs7.1.gz %%PKI%%man/man1/pki---print.1.gz %%PKI%%man/man1/pki---pub.1.gz @@ -313,6 +317,7 @@ sbin/ipsec %%DATADIR%%/templates/config/plugins/cmac.conf %%DATADIR%%/templates/config/plugins/constraints.conf %%DATADIR%%/templates/config/plugins/counters.conf +%%CTR%%%%DATADIR%%/templates/config/plugins/ctr.conf %%CURL%%%%DATADIR%%/templates/config/plugins/curl.conf %%DATADIR%%/templates/config/plugins/curve25519.conf %%DATADIR%%/templates/config/plugins/des.conf @@ -335,8 +340,8 @@ sbin/ipsec %%GCM%%%%DATADIR%%/templates/config/plugins/gcm.conf %%EAPAKA3GPP2%%%%DATADIR%%/templates/config/plugins/gmp.conf %%DATADIR%%/templates/config/plugins/hmac.conf -%%KDF%%%%DATADIR%%/templates/config/plugins/kdf.conf %%IPSECKEY%%%%DATADIR%%/templates/config/plugins/ipseckey.conf +%%KDF%%%%DATADIR%%/templates/config/plugins/kdf.conf %%KERNELLIBIPSEC%%%%DATADIR%%/templates/config/plugins/kernel-libipsec.conf %%DATADIR%%/templates/config/plugins/kernel-pfkey.conf %%DATADIR%%/templates/config/plugins/kernel-pfroute.conf @@ -348,11 +353,11 @@ sbin/ipsec %%MYSQL%%%%DATADIR%%/templates/config/plugins/mysql.conf %%DATADIR%%/templates/config/plugins/nonce.conf %%DATADIR%%/templates/config/plugins/openssl.conf +%%VIA%%%%DATADIR%%/templates/config/plugins/padlock.conf %%DATADIR%%/templates/config/plugins/pem.conf %%DATADIR%%/templates/config/plugins/pgp.conf %%DATADIR%%/templates/config/plugins/pkcs1.conf %%PKCS11%%%%DATADIR%%/templates/config/plugins/pkcs11.conf -%%CTR%%%%DATADIR%%/templates/config/plugins/ctr.conf %%DATADIR%%/templates/config/plugins/pkcs12.conf %%DATADIR%%/templates/config/plugins/pkcs7.conf %%DATADIR%%/templates/config/plugins/pkcs8.conf @@ -412,7 +417,3 @@ sbin/ipsec %%SWANCTL%%@dir etc/swanctl/x509ca %%SWANCTL%%@dir etc/swanctl/x509crl %%SWANCTL%%@dir etc/swanctl/x509ocsp -%%VIA%%%%DATADIR%%/templates/config/plugins/padlock.conf -%%VIA%%lib/ipsec/plugins/libstrongswan-padlock.la -%%VIA%%lib/ipsec/plugins/libstrongswan-padlock.so -%%VIA%%@sample %%ETCDIR%%.d/charon/padlock.conf.sample