The current version available for FreeBSD has been vulnerable since 30.05.2017 and has already been patched upstream. The current version contains two DoS vulnerabilities.

Changelog: https://wiki.strongswan.org/versions/65

Available version: 5.5.2
Patched version: 5.5.3

Security:

- Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation when verifying RSA signatures. More specifically, mpz_powm_sec() has two requirements regarding the passed exponent and modulus that the plugin did not enforce, if these are not met the calculation will result in a floating point exception that crashes the whole process. This vulnerability has been registered as CVE-2017-9022 [1]. Please refer to our blog for details. [2]

- Fixed a DoS vulnerability in the x509 plugin that was caused because the ASN.1 parser didn't handle ASN.1 CHOICE types properly, which could result in an infinite loop when parsing X.509 extensions that use such types. This vulnerability has been registered as CVE-2017-9023 [3]. Please refer to our blog for details. [4]

[1] https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9022
[2] https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html
[3] https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9023
[4] https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html
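Added example, not part of the original report and not strongSwan's own patch: a pre-check for the CVE-2017-9022 condition quoted above, based on the GMP manual's statement that mpz_powm_sec() requires exp > 0 and an odd mod. The function name, status codes and sample byte strings are hypothetical; integers are assumed to arrive as big-endian byte strings, as they do in an encoded RSA public key.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical status codes for this added pre-check. */
enum rsa_param_status {
    RSA_PARAMS_OK = 0,
    RSA_EXPONENT_ZERO,  /* violates exp > 0 */
    RSA_MODULUS_ZERO,   /* empty or all-zero modulus */
    RSA_MODULUS_EVEN    /* violates "mod is odd" */
};

/* Constructed sample values (big-endian), not real key material. */
static const uint8_t SAMPLE_N_ODD[]  = { 0x00, 0xC5, 0x3B };
static const uint8_t SAMPLE_N_EVEN[] = { 0xC5, 0x3A };
static const uint8_t SAMPLE_E_OK[]   = { 0x01, 0x00, 0x01 };
static const uint8_t SAMPLE_E_ZERO[] = { 0x00, 0x00 };

/* Return 1 if the big-endian unsigned integer buf[0..len) equals zero. */
static int be_is_zero(const uint8_t *buf, size_t len)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

/* Reject (n, e) pairs that break the documented preconditions before any
 * modular exponentiation is attempted on untrusted key material. */
enum rsa_param_status check_rsa_public_params(const uint8_t *n, size_t n_len,
                                              const uint8_t *e, size_t e_len)
{
    if (e == NULL || e_len == 0 || be_is_zero(e, e_len))
        return RSA_EXPONENT_ZERO;
    if (n == NULL || n_len == 0 || be_is_zero(n, n_len))
        return RSA_MODULUS_ZERO;
    if ((n[n_len - 1] & 1) == 0)   /* parity lives in the last byte */
        return RSA_MODULUS_EVEN;
    return RSA_PARAMS_OK;
}

int main(void)
{
    printf("odd n, e=65537: %d\n", check_rsa_public_params(
        SAMPLE_N_ODD, sizeof SAMPLE_N_ODD, SAMPLE_E_OK, sizeof SAMPLE_E_OK));
    printf("even n:         %d\n", check_rsa_public_params(
        SAMPLE_N_EVEN, sizeof SAMPLE_N_EVEN, SAMPLE_E_OK, sizeof SAMPLE_E_OK));
    printf("e=0:            %d\n", check_rsa_public_params(
        SAMPLE_N_ODD, sizeof SAMPLE_N_ODD, SAMPLE_E_ZERO, sizeof SAMPLE_E_ZERO));
    return 0;
}
```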
A commit references this bug:

Author: olivier
Date: Wed Jul 19 09:43:31 UTC 2017
New revision: 446191
URL: https://svnweb.freebsd.org/changeset/ports/446191

Log:
  Document vulnerability in strongswan

  PR: 220823
  Reported by: i.dani@outlook.com
  Security: CVE-2017-9022
  Security: CVE-2017-9023

Changes:
  head/security/vuxml/vuln.xml
Created attachment 184496
Updated strongSwan to 5.5.3

Updated strongSwan to 5.5.3 for the security vulnerabilities. Removed the .a files from the pkg-plist.
(In reply to strongswan from comment #2)

Did you see that 5.5.3 has new configure-options for fuzzing? (--enable-fuzzing and --with-libfuzzer)

Maybe we should add an OPTION for that in a 2nd step and bump the port-rev. But for the moment the security update is more critical in my opinion.
A commit references this bug:

Author: olivier
Date: Wed Jul 19 10:29:39 UTC 2017
New revision: 446193
URL: https://svnweb.freebsd.org/changeset/ports/446193

Log:
  Update strongswan to 5.5.3

  PR: 220823
  Submitted by: strongswan@Nanoteq.com (maintainer)
  Reported by: i.dani@outlook.com

Changes:
  head/security/strongswan/Makefile
  head/security/strongswan/distinfo
  head/security/strongswan/pkg-plist
Thanks all for your contributions!
Re-open for merge to quarterly
A commit references this bug:

Author: olivier
Date: Thu Jul 20 21:38:24 UTC 2017
New revision: 446295
URL: https://svnweb.freebsd.org/changeset/ports/446295

Log:
  MFH: r446193

  Update strongswan to 5.5.3

  PR: 220823
  Submitted by: strongswan@Nanoteq.com (maintainer)
  Reported by: i.dani@outlook.com

  Approved by: ports-secteam

Changes:
  _U branches/2017Q3/
  branches/2017Q3/security/strongswan/Makefile
  branches/2017Q3/security/strongswan/distinfo
  branches/2017Q3/security/strongswan/pkg-plist
Merged to quarterly.