Re: git: 4e2c0382dd6c - main - security/strongswan: fix CVE-2023-41913
Date: Fri, 24 Nov 2023 12:02:21 UTC
On 24.11.23 09:06, Eugene Grosbein wrote: > The branch main has been updated by eugen: > > URL: https://cgit.FreeBSD.org/ports/commit/?id=4e2c0382dd6c024d5349318f9a18762b3814ef9a > > commit 4e2c0382dd6c024d5349318f9a18762b3814ef9a > Author: Eugene Grosbein <eugen@FreeBSD.org> > AuthorDate: 2023-11-24 08:03:00 +0000 > Commit: Eugene Grosbein <eugen@FreeBSD.org> > CommitDate: 2023-11-24 08:03:00 +0000 > > security/strongswan: fix CVE-2023-41913 > > This is urgent change adding official patch > https://download.strongswan.org/security/CVE-2023-41913/strongswan-5.9.7-5.9.11_charon_tkm_dh_len.patch > that is identical to the change made for strongswan-5.9.12: > https://github.com/strongswan/strongswan/commit/96d793718955820dfe5e6d8aa6127a34795ae39e > > It is upto port maintainer to review and maybe upgrade the port to 5.9.12 > > Obtained from: strongSwan > Security: CVE-2023-41913 Hi Eugene, did you verify whether the port is actually vulnerable? I had a look a couple of days ago and my impression was that we don't build charon with the TKM backend. I only had a quick look, so maybe I was wrong and your input would be much appreciated. Thanks Florian