Summary: | security/strongswan: Update to 5.5.3 (Fixes security vulnerabilities) | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Dani I. <i.dani> | ||||
Component: | Individual Port(s) | Assignee: | Olivier Cochard <olivier> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Many People | CC: | olivier, ports-secteam, strongswan | ||||
Priority: | Normal | Keywords: | security | ||||
Version: | Latest | Flags: | strongswan:
maintainer-feedback+
koobs: merge-quarterly? |
||||
Hardware: | Any | ||||||
OS: | Any | ||||||
See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220874 | ||||||
Attachments: |
|
Description
Dani I.
2017-07-18 10:07:02 UTC
A commit references this bug: Author: olivier Date: Wed Jul 19 09:43:31 UTC 2017 New revision: 446191 URL: https://svnweb.freebsd.org/changeset/ports/446191 Log: Document vulnerability in strongswan PR: 220823 Reported by: i.dani@outlook.com Security: CVE-2017-9022 Security: CVE-2017-9023 Changes: head/security/vuxml/vuln.xml Created attachment 184496 [details]
Updated strongSwan to 5.5.3
Updated strongSwan to 5.5.3 for the security vulnerabilities.
Removed the .a files from the pkg-plist.
(In reply to strongswan from comment #2) Did you see that 5.5.3 has new configure-options for fuzzing? (--enable-fuzzing and --with-libfuzzer) Maybe we should add an OPTION for that in a 2nd step and bump the port-rev. But for the moment the security update is more critical in my opinion. A commit references this bug: Author: olivier Date: Wed Jul 19 10:29:39 UTC 2017 New revision: 446193 URL: https://svnweb.freebsd.org/changeset/ports/446193 Log: Update strongswan to 5.5.3 PR: 220823 Submitted by: strongswan@Nanoteq.com (maintainer) Reported by: i.dani@outlook.com Changes: head/security/strongswan/Makefile head/security/strongswan/distinfo head/security/strongswan/pkg-plist Thanks all for your contributions! Re-open for merge to quarterly A commit references this bug: Author: olivier Date: Thu Jul 20 21:38:24 UTC 2017 New revision: 446295 URL: https://svnweb.freebsd.org/changeset/ports/446295 Log: MFH: r446193 Update strongswan to 5.5.3 PR: 220823 Submitted by: strongswan@Nanoteq.com (maintainer) Reported by: i.dani@outlook.com Approved by: ports-secteam Changes: _U branches/2017Q3/ branches/2017Q3/security/strongswan/Makefile branches/2017Q3/security/strongswan/distinfo branches/2017Q3/security/strongswan/pkg-plist Merged to quarterly. |