NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6f4e0e38f8
kumquat-buildroot/package/strongswan/strongswan.hash
Fabrice Fontaine b79d735139 package/strongswan: security bump to version 5.9.8 
Fixed a vulnerability related to online certificate revocation checking
that was caused because the revocation plugin used potentially untrusted
OCSP URIs and CRL distribution points in certificates. This allowed a
remote attacker to initiate IKE_SAs and send crafted certificates that
contain URIs pointing to servers under their control, which could have
lead to a denial-of-service attack. This vulnerability has been
registered as CVE-2022-40617.

Drop patch (already in version)

https://www.strongswan.org/blog/2022/10/03/strongswan-vulnerability-(cve-2022-40617).html
https://github.com/strongswan/strongswan/releases/tag/5.9.6
https://github.com/strongswan/strongswan/releases/tag/5.9.7
https://github.com/strongswan/strongswan/releases/tag/5.9.8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-11-05 21:03:08 +01:00

8 lines
452 B
Plaintext
Raw Blame History

# From http://download.strongswan.org/strongswan-5.9.8.tar.bz2.md5
md5 f46b0d3e7aed88824650d0721c887443 strongswan-5.9.8.tar.bz2
# Calculated based on the hash above
sha256 d3303a43c0bd7b75a12b64855e8edcb53696f06190364f26d1533bde1f2e453c strongswan-5.9.8.tar.bz2
# Locally calculated
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
sha256 2292e21797754548dccdef9eef6aee7584e552fbd890fa914e1de8d3577d23f0 LICENSE
Reference in New Issue View Git Blame Copy Permalink