Bug 266938

Summary: security/strongswan: CVE-2022-40617
Product: Ports & Packages Reporter: rob2g2 <rob2g2-freebsd>
Component: Individual Port(s)Assignee: Fernando Apesteguía <fernape>
Status: Closed FIXED    
Severity: Affects Some People CC: fernape, ports-secteam, rob2g2-freebsd, strongswan
Priority: --- Keywords: security
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html
Attachments:
Description Flags
patch for vuxml none

Description rob2g2 2022-10-10 11:21:02 UTC 
Created attachment 237187 [details]
patch for vuxml

please update strongswan to 5.9.8 to fix CVE-2022-40617

the according vuxml entry attached to inform users
Comment 1 commit-hook freebsd_committer freebsd_triage 2022-10-10 12:25:33 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c1b081145ff7f719c3867702e9d83718b674505d

commit c1b081145ff7f719c3867702e9d83718b674505d
Author:     rob2g2 <rob2g2-freebsd@bitbert.com>
AuthorDate: 2022-10-10 12:16:36 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2022-10-10 12:21:57 +0000

    security/strongswan: Document DOS vulnerability

    ChangeLog:
    https://www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html

    PR:             266938
    Reported by:    rob2g2-freebsd@bitbert.com
    Security:       CVE-2022-40617

 security/vuxml/vuln-2022.xml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
Comment 2 Fernando Apesteguía freebsd_committer freebsd_triage 2022-10-10 12:25:47 UTC 
Committed,

Thanks!