package/strongswan: security bump to version 5.9.13

A vulnerability in charon-tkm related to processing DH public values was
discovered in strongSwan that can result in a buffer overflow and
potentially remote code execution. All versions since 5.3.0 are
affected.

https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-(cve-2023-41913).html
https://github.com/strongswan/strongswan/blob/5.9.13/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit is contained in:
Fabrice Fontaine 2023-12-26 16:25:35 +01:00 committed by Yann E. MORIN
parent 158edd5aa9
commit 9e5cbbb413
2 changed files with 4 additions and 4 deletions

View File

@ -1,7 +1,7 @@
# From http://download.strongswan.org/strongswan-5.9.11.tar.bz2.md5
md5 673e194cd256af77b46928179f2c81ad strongswan-5.9.11.tar.bz2
# From http://download.strongswan.org/strongswan-5.9.13.tar.bz2.md5
md5 9ada6be0c89846fb7ded1787a17cfbb2 strongswan-5.9.13.tar.bz2
# Calculated based on the hash above
sha256 ddf53f1f26ad26979d5f55e8da95bd389552f5de3682e35593f9a70b2584ed2d strongswan-5.9.11.tar.bz2
sha256 56e30effb578fd9426d8457e3b76c8c3728cd8a5589594b55649b2719308ba55 strongswan-5.9.13.tar.bz2
# Locally calculated
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
sha256 2292e21797754548dccdef9eef6aee7584e552fbd890fa914e1de8d3577d23f0 LICENSE

View File

@ -4,7 +4,7 @@
#
################################################################################
STRONGSWAN_VERSION = 5.9.11
STRONGSWAN_VERSION = 5.9.13
STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
STRONGSWAN_SITE = http://download.strongswan.org
STRONGSWAN_LICENSE = GPL-2.0+