
Bug 832460 (CVE-2021-45079)

Summary: <net-vpn/strongswan-5.9.5: authentication bypass
Product: Gentoo Security
Reporter: John Helmert III <ajak>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: IN_PROGRESS
Severity: minor
CC: kernlpanic, proxy-maint, rndxelement
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.strongswan.org/blog/2022/01/24/strongswan-vulnerability-(cve-2021-45079).html
Whiteboard: B3 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on: 832508    
Bug Blocks:    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-02-01 03:07:58 UTC
CVE-2021-45079:

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

Please stabilize 5.9.5.

Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-02-03 01:20:03 UTC
Please cleanup, thanks!

Comment 2 Larry the Git Cow gentoo-dev 2023-01-06 17:45:39 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7387260e58f7f39705fa2c03024201eee834e8e9

commit 7387260e58f7f39705fa2c03024201eee834e8e9
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2023-01-06 17:43:24 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-01-06 17:43:34 +0000

    net-vpn/strongswan: drop 5.9.6-r1, 5.9.7
    
    Bug: https://bugs.gentoo.org/818841
    Bug: https://bugs.gentoo.org/832460
    Bug: https://bugs.gentoo.org/878887
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 net-vpn/strongswan/Manifest                        |   2 -
 .../files/strongswan-5.9.6-werror-security.patch   |  20 --
 net-vpn/strongswan/strongswan-5.9.6-r1.ebuild      | 322 ---------------------
 net-vpn/strongswan/strongswan-5.9.7.ebuild         | 318 --------------------
 4 files changed, 662 deletions(-)