diff options
| author | omni <omni+alpine@hack.org> | 2022-10-06 10:53:45 +0000 |
|---|---|---|
| committer | omni <omni+alpine@hack.org> | 2022-10-06 11:03:58 +0000 |
| commit | 7eba92bb4603b2fd298793a9877629ff984bda1f (patch) | |
| tree | 4918f083a91fdf7518bb7ab478a84c8b14cfc26e | |
| parent | 20052741fca7f2018c63b7dcad0d36956fdeba6c (diff) | |
| download | aports-7eba92bb4603b2fd298793a9877629ff984bda1f.tar.gz aports-7eba92bb4603b2fd298793a9877629ff984bda1f.tar.bz2 aports-7eba92bb4603b2fd298793a9877629ff984bda1f.tar.xz | |
main/strongswan: add mitigations for CVE-2021-45079 & CVE-2022-40617
| -rw-r--r-- | main/strongswan/APKBUILD | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD index 132c261d577..3779c0f73f4 100644 --- a/main/strongswan/APKBUILD +++ b/main/strongswan/APKBUILD @@ -3,7 +3,7 @@ pkgname=strongswan pkgver=5.9.1 _pkgver=${pkgver//_rc/rc} -pkgrel=1 +pkgrel=2 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE" url="https://www.strongswan.org/" arch="all" @@ -19,6 +19,8 @@ subpackages="$pkgname-doc $pkgname-dbg $pkgname-logfile $pkgname-openrc" source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2 https://download.strongswan.org/security/CVE-2021-41990/strongswan-5.6.1-5.9.3_gmp-rsa-ssa-salt-len.patch https://download.strongswan.org/security/CVE-2021-41991/strongswan-4.4.1-5.9.3_cert-cache-random.patch + https://download.strongswan.org/security/CVE-2021-45079/strongswan-5.5.0-5.9.4_eap_success.patch + https://download.strongswan.org/security/CVE-2022-40617/strongswan-5.1.0-5.9.7_cert_online_validate.patch 1001-charon-add-optional-source-and-remote-overrides-for-.patch 1002-vici-send-certificates-for-ike-sa-events.patch @@ -31,6 +33,9 @@ source="https://download.strongswan.org/strongswan-$_pkgver.tar.bz2 " # secfixes: +# 5.9.1-r2: +# - CVE-2021-45079 +# - CVE-2022-40617 # 5.9.1-r1: # - CVE-2021-41990 # - CVE-2021-41991 @@ -136,6 +141,8 @@ sha512sums=" 222625e77bd86959da6dd7346cfa9f92569fc396a494bb95ddf2c8e0680b7e8041541e8a14320517a0c735d713ae0fdc0d0c4694215e812817814b0b4efc3497 strongswan-5.9.1.tar.bz2 42bb9dc02e04735183cb2966e23f26bdb2b14b56b10dc3df770cfbea066a690130ce84dc3a17b1369c2d45852bcd8a2902f19368099a1e71c858293decdb48ee strongswan-5.6.1-5.9.3_gmp-rsa-ssa-salt-len.patch 39f607625bc6aa128b71e65e9806c60051015378d0250961bafbe787aa652141e1b3126d235b9cede08e4fe816b3220dbae54e40492b0aeb48f034220f1ee446 strongswan-4.4.1-5.9.3_cert-cache-random.patch +d3ecccf616a1d0a0b364a64f9d5cd0a75d7230948a8b455217d3f665f2a9f4b79bda787c2d0b608c31b40bf9c97c89b7e18b37794794bef4c7b17b4f0bf430a2 strongswan-5.5.0-5.9.4_eap_success.patch +748753eb615cceaea162a264b40c1ae9d4fd2b3ea2f15d6faf40b19619f11e3b98d0e0bbc2339261ce4fff9cb070c25a1037778c3d6476e3c6e97397dcd19c47 strongswan-5.1.0-5.9.7_cert_online_validate.patch 8cd2f7e10dca25c8739b18f26f0aba427d00c5689ee126da5fc2699ce75ed567f0d25b4e50b716eab58097c06a51418e489e7f853d02bb53ba32aca72a6ae7c8 1001-charon-add-optional-source-and-remote-overrides-for-.patch f92609a1f6810786baeae1688688cbdd2a3116200cdba8d23e13da08992f5280bcbe04712cc89402f1e39aff6f4ebc8da05a2529b1e61e25a5229deb74c4dc3f 1002-vici-send-certificates-for-ike-sa-events.patch da39b5654c6f39d175c5491dabd5ed5c1b552857af7cbe7eeb8d0ecb34dad265bb8cd7725930eb75ceb99d51813f8e59631e687b09c1ff5c6437388f5f4d9647 1003-vici-add-support-for-individual-sa-state-changes.patch |