Bug 220823

Summary:

security/strongswan: Update to 5.5.3 (Fixes security vulnerabilities)

Product:

Ports & Packages

Reporter:

Dani I. <i.dani>

Component:

Individual Port(s)

Assignee:

Olivier Cochard <olivier>

Status:

Closed FIXED

Severity:

Affects Many People

CC:

olivier, ports-secteam, strongswan

Priority:

Normal

Keywords:

security

Version:

Latest

Flags:

strongswan: maintainer-feedback+
koobs: merge-quarterly?

Hardware:

Any

OS:

Any

See Also:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220874

Attachments:

Description	Flags
Updated strongSwan to 5.5.3	strongswan: maintainer-approval+

Description Dani I. 2017-07-18 10:07:02 UTC

The current version avilable for FreeBSD is vulnerable since 30.05.2017 and has already been patched upstream. The current contains two DoS-vuln's.

Changelog: https://wiki.strongswan.org/versions/65

Available version: 5.5.2
Patched version: 5.5.3

Security:
- Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation when verifying RSA signatures. More specifically, mpz_powm_sec() has two requirements regarding the passed exponent and modulus that the plugin did not enforce, if these are not met the calculation will result in a floating point exception that crashes the whole process.

This vulnerability has been registered as CVE-2017-9022 [1].
Please refer to our blog for details. [2]

- Fixed a DoS vulnerability in the x509 plugin that was caused because the ASN.1 parser didn't handle ASN.1 CHOICE types properly, which could result in an infinite loop when parsing X.509 extensions that use such types.

This vulnerability has been registered as CVE-2017-9023 [3].
Please refer to our blog for details. [4]

[1] https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9022
[2] https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9022).html
[3] https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9023
[4] https://www.strongswan.org/blog/2017/05/30/strongswan-vulnerability-(cve-2017-9023).html

Comment 1 commit-hook freebsd_committer

2017-07-19 09:44:22 UTC

A commit references this bug:

Author: olivier
Date: Wed Jul 19 09:43:31 UTC 2017
New revision: 446191
URL: https://svnweb.freebsd.org/changeset/ports/446191

Log:
  Document vulnerability in strongswan

  PR:		220823
  Reported by:	i.dani@outlook.com
  Security:	CVE-2017-9022
  Security:	CVE-2017-9023

Changes:
  head/security/vuxml/vuln.xml

Comment 2 Francois ten Krooden 2017-07-19 10:16:41 UTC

Created attachment 184496 [details]
Updated strongSwan to 5.5.3

Updated strongSwan to 5.5.3 for the security vulnerabilities.
Removed the .a files from the pkg-plist.

Comment 3 Dani I. 2017-07-19 10:27:09 UTC

(In reply to strongswan from comment #2)

Did you see that 5.5.3 has new configure-options for fuzzing? 
(--enable-fuzzing and --with-libfuzzer)

Maybe we should add an OPTION for that in a 2nd step and bump the port-rev. But for the moment the security update is more critical in my opinion.

Comment 4 commit-hook freebsd_committer

2017-07-19 10:30:01 UTC

A commit references this bug:

Author: olivier
Date: Wed Jul 19 10:29:39 UTC 2017
New revision: 446193
URL: https://svnweb.freebsd.org/changeset/ports/446193

Log:
  Update strongswan to 5.5.3

  PR:		220823
  Submitted by:	strongswan@Nanoteq.com (maintainer)
  Reported by:	i.dani@outlook.com

Changes:
  head/security/strongswan/Makefile
  head/security/strongswan/distinfo
  head/security/strongswan/pkg-plist

Comment 5 Olivier Cochard freebsd_committer

2017-07-19 10:41:38 UTC

Thanks all for your contributions!

Comment 6 Kubilay Kocak freebsd_committer

2017-07-19 11:28:05 UTC

Re-open for merge to quarterly

Comment 7 commit-hook freebsd_committer

2017-07-20 21:38:36 UTC

A commit references this bug:

Author: olivier
Date: Thu Jul 20 21:38:24 UTC 2017
New revision: 446295
URL: https://svnweb.freebsd.org/changeset/ports/446295

Log:
  MFH: r446193

  Update strongswan to 5.5.3

  PR:		220823
  Submitted by:	strongswan@Nanoteq.com (maintainer)
  Reported by:	i.dani@outlook.com

  Approved by:	ports-secteam

Changes:
_U  branches/2017Q3/
  branches/2017Q3/security/strongswan/Makefile
  branches/2017Q3/security/strongswan/distinfo
  branches/2017Q3/security/strongswan/pkg-plist

Comment 8 Olivier Cochard freebsd_committer

2017-07-20 21:40:18 UTC

Merged to quarterly.