package/strongswan: security bump to version 5.9.13
A vulnerability in charon-tkm related to processing DH public values was discovered in strongSwan that can result in a buffer overflow and potentially remote code execution. All versions since 5.3.0 are affected. https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html https://github.com/strongswan/strongswan/blob/5.9.13/NEWS Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit is contained in:
parent
158edd5aa9
commit
9e5cbbb413
@ -1,7 +1,7 @@
|
||||
# From http://download.strongswan.org/strongswan-5.9.11.tar.bz2.md5
|
||||
md5 673e194cd256af77b46928179f2c81ad strongswan-5.9.11.tar.bz2
|
||||
# From http://download.strongswan.org/strongswan-5.9.13.tar.bz2.md5
|
||||
md5 9ada6be0c89846fb7ded1787a17cfbb2 strongswan-5.9.13.tar.bz2
|
||||
# Calculated based on the hash above
|
||||
sha256 ddf53f1f26ad26979d5f55e8da95bd389552f5de3682e35593f9a70b2584ed2d strongswan-5.9.11.tar.bz2
|
||||
sha256 56e30effb578fd9426d8457e3b76c8c3728cd8a5589594b55649b2719308ba55 strongswan-5.9.13.tar.bz2
|
||||
# Locally calculated
|
||||
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
|
||||
sha256 2292e21797754548dccdef9eef6aee7584e552fbd890fa914e1de8d3577d23f0 LICENSE
|
||||
|
@ -4,7 +4,7 @@
|
||||
#
|
||||
################################################################################
|
||||
|
||||
STRONGSWAN_VERSION = 5.9.11
|
||||
STRONGSWAN_VERSION = 5.9.13
|
||||
STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
|
||||
STRONGSWAN_SITE = http://download.strongswan.org
|
||||
STRONGSWAN_LICENSE = GPL-2.0+
|
||||
|
Loading…
Reference in New Issue
Block a user