From: Stijn Tintel Date: Tue, 30 May 2017 12:32:01 +0000 (+0200) Subject: strongswan: bump to 5.5.3 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=960006be50203ebeaa136ec49229eb286e9de785;p=feed%2Fpackages.git strongswan: bump to 5.5.3 Fixes CVE-2017-9022, CVE-2017-9023. Signed-off-by: Stijn Tintel --- diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index 6231aa5521..91a08bed2f 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan -PKG_VERSION:=5.5.2 +PKG_VERSION:=5.5.3 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 -PKG_HASH:=da976fca836f05fc7b7a38baab299745f960cb7640319969d239d8aa4ace9f6a +PKG_HASH:=c5ea54b199174708de11af9b8f4ecf28b5b0743d4bc0e380e741f25b28c0f8d4 PKG_SOURCE_URL:=http://download.strongswan.org/ http://download2.strongswan.org/ PKG_LICENSE:=GPL-2.0+ PKG_MAINTAINER:=Stijn Tintel diff --git a/net/strongswan/patches/203-uci.patch b/net/strongswan/patches/203-uci.patch index 274ea86942..21ae848bf1 100644 --- a/net/strongswan/patches/203-uci.patch +++ b/net/strongswan/patches/203-uci.patch @@ -1,6 +1,6 @@ --- a/src/libcharon/plugins/uci/uci_parser.c +++ b/src/libcharon/plugins/uci/uci_parser.c -@@ -78,7 +78,7 @@ METHOD(enumerator_t, section_enumerator_ +@@ -75,7 +75,7 @@ METHOD(enumerator_t, section_enumerator_ if (uci_lookup(this->ctx, &element, this->package, this->current->name, "name") == UCI_OK) { /* use "name" attribute as config name if available ... */ @@ -9,7 +9,7 @@ } else { /* ... or the section name becomes config name */ -@@ -93,7 +93,7 @@ METHOD(enumerator_t, section_enumerator_ +@@ -90,7 +90,7 @@ METHOD(enumerator_t, section_enumerator_ if (value && uci_lookup(this->ctx, &element, this->package, this->current->name, this->keywords[i]) == UCI_OK) { @@ -17,4 +17,4 @@ + *value = uci_to_option(element)->v.string; } } - va_end(args); + diff --git a/net/strongswan/patches/305-minimal_dh_plugin.patch b/net/strongswan/patches/305-minimal_dh_plugin.patch index a1b0b5f80a..eb8d83c4a3 100644 --- a/net/strongswan/patches/305-minimal_dh_plugin.patch +++ b/net/strongswan/patches/305-minimal_dh_plugin.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -133,6 +133,7 @@ ARG_DISBL_SET([fips-prf], [disable +@@ -135,6 +135,7 @@ ARG_DISBL_SET([fips-prf], [disable ARG_ENABL_SET([gcm], [enables the GCM AEAD wrapper crypto plugin.]) ARG_ENABL_SET([gcrypt], [enables the libgcrypt plugin.]) ARG_DISBL_SET([gmp], [disable GNU MP (libgmp) based crypto implementation plugin.]) @@ -8,15 +8,15 @@ ARG_DISBL_SET([curve25519], [disable Curve25519 Diffie-Hellman plugin.]) ARG_DISBL_SET([hmac], [disable HMAC crypto implementation plugin.]) ARG_ENABL_SET([md4], [enable MD4 software implementation plugin.]) -@@ -1362,6 +1363,7 @@ ADD_PLUGIN([gcrypt], [s ch +@@ -1379,6 +1380,7 @@ ADD_PLUGIN([gcrypt], [s ch ADD_PLUGIN([af-alg], [s charon scepclient pki scripts medsrv attest nm cmd aikgen]) ADD_PLUGIN([fips-prf], [s charon nm cmd]) - ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) + ADD_PLUGIN([gmp], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen fuzz]) +ADD_PLUGIN([gmpdh], [s charon scepclient pki scripts manager medsrv attest nm cmd aikgen]) - ADD_PLUGIN([curve25519], [s charon scripts nm cmd]) + ADD_PLUGIN([curve25519], [s charon pki scripts nm cmd]) ADD_PLUGIN([agent], [s charon nm cmd]) ADD_PLUGIN([keychain], [s charon cmd]) -@@ -1498,6 +1500,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x +@@ -1516,6 +1518,7 @@ AM_CONDITIONAL(USE_SHA3, test x$sha3 = x AM_CONDITIONAL(USE_MGF1, test x$mgf1 = xtrue) AM_CONDITIONAL(USE_FIPS_PRF, test x$fips_prf = xtrue) AM_CONDITIONAL(USE_GMP, test x$gmp = xtrue) @@ -24,7 +24,7 @@ AM_CONDITIONAL(USE_CURVE25519, test x$curve25519 = xtrue) AM_CONDITIONAL(USE_RDRAND, test x$rdrand = xtrue) AM_CONDITIONAL(USE_AESNI, test x$aesni = xtrue) -@@ -1756,6 +1759,7 @@ AC_CONFIG_FILES([ +@@ -1783,6 +1786,7 @@ AC_CONFIG_FILES([ src/libstrongswan/plugins/mgf1/Makefile src/libstrongswan/plugins/fips_prf/Makefile src/libstrongswan/plugins/gmp/Makefile @@ -34,7 +34,7 @@ src/libstrongswan/plugins/aesni/Makefile --- a/src/libstrongswan/Makefile.am +++ b/src/libstrongswan/Makefile.am -@@ -313,6 +313,13 @@ if MONOLITHIC +@@ -323,6 +323,13 @@ if MONOLITHIC endif endif