FreeBSD Bugzilla – Attachment 231306 Details for
Bug 261462
security/strongswan: Update to 5.9.5
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
vuxml entry for the update
strongswan-5.9.5-vuxml.diff (text/plain), 1.42 KB, created by
Francois ten Krooden
on 2022-01-25 11:03:45 UTC
(
hide
)
Description:
vuxml entry for the update
Filename:
MIME Type:
Creator:
Francois ten Krooden
Created:
2022-01-25 11:03:45 UTC
Size:
1.42 KB
patch
obsolete
>diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml >index 2fa7d3c2d9fe..945e3b2b08be 100644 >--- a/security/vuxml/vuln-2022.xml >+++ b/security/vuxml/vuln-2022.xml >@@ -1,3 +1,29 @@ >+ <vuln vid="ccaea96b-7dcd-11ec-93df-00224d821998"> >+ <topic>strongswan - Incorrect Handling of Early EAP-Success Messages</topic> >+ <affects> >+ <package> >+ <name>strongswan</name> >+ <range><lt>5.9.5</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Strongswan Release Notes reports:</p> >+ <blockquote cite="https://github.com/strongswan/strongswan/releases/tag/5.9.5"> >+ <p>Fixed a vulnerability in the EAP client implementation that was caused by incorrectly handling early EAP-Success messages. It may allow to bypass the client and in some scenarios even the server authentication, or could lead to a denial-of-service attack. This vulnerability has been registered as CVE-2021-45079.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2021-45079</cvename> >+ <url>https://www.strongswan.org/blog/2022/01/24/strongswan-vulnerability-(cve-2021-45079).html</url> >+ </references> >+ <dates> >+ <discovery>2021-12-16</discovery> >+ <entry>2022-01-25</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="309c35f4-7c9f-11ec-a739-206a8a720317"> > <topic>aide -- heap-based buffer overflow</topic> > <affects>
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Flags:
strongswan
:
maintainer-approval+
Actions:
View
|
Diff
Attachments on
bug 261462
:
231305
| 231306