Summary: | <net-vpn/strongswan-5.9.10: denial of service but possibly even remote code execution | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Conrad Kostecki <conikost> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | kernlpanic, proxy-maint, rndxelement |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-(cve-2023-26463).html | ||
Whiteboard: | B2 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 904537 | ||
Bug Blocks: |
Description
Conrad Kostecki
2023-03-06 21:51:54 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e946ce4d76ece04b512661469ce5550e1d505ae5 commit e946ce4d76ece04b512661469ce5550e1d505ae5 Author: Dennis Eisele <kernlpanic@dennis-eisele.de> AuthorDate: 2023-03-04 13:33:08 +0000 Commit: Conrad Kostecki <conikost@gentoo.org> CommitDate: 2023-03-14 23:12:01 +0000 net-vpn/strongswan: version bump to 5.9.10 Bug: https://bugs.gentoo.org/899964 Signed-off-by: Dennis Eisele <kernlpanic@dennis-eisele.de> Closes: https://github.com/gentoo/gentoo/pull/29924 Signed-off-by: Conrad Kostecki <conikost@gentoo.org> net-vpn/strongswan/Manifest | 1 + net-vpn/strongswan/strongswan-5.9.10.ebuild | 318 ++++++++++++++++++++++++++++ 2 files changed, 319 insertions(+) Thanks! Ping. Please clean up vulnerable versions 5.9.8 and 5.9.9. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=328181b0a39b56600ebba16a15ab14e3e4954b85 commit 328181b0a39b56600ebba16a15ab14e3e4954b85 Author: Conrad Kostecki <conikost@gentoo.org> AuthorDate: 2023-10-08 21:50:15 +0000 Commit: Conrad Kostecki <conikost@gentoo.org> CommitDate: 2023-10-08 21:51:41 +0000 net-vpn/strongswan: drop 5.9.8, 5.9.9, 5.9.10 Bug: https://bugs.gentoo.org/899964 Signed-off-by: Conrad Kostecki <conikost@gentoo.org> net-vpn/strongswan/Manifest | 3 - net-vpn/strongswan/strongswan-5.9.10.ebuild | 318 ---------------------------- net-vpn/strongswan/strongswan-5.9.8.ebuild | 318 ---------------------------- net-vpn/strongswan/strongswan-5.9.9.ebuild | 318 ---------------------------- 4 files changed, 957 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=5c311dfaab4c0172a4524ae5860106bcac33a694 commit 5c311dfaab4c0172a4524ae5860106bcac33a694 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-05-04 09:05:41 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-05-04 09:06:06 +0000 [ GLSA 202405-08 ] strongSwan: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/818841 Bug: https://bugs.gentoo.org/832460 Bug: https://bugs.gentoo.org/878887 Bug: https://bugs.gentoo.org/899964 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202405-08.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) |