[Bug 226043] security/strongswan: Update to 5.6.2 [CVE-2018-6459]
bugzilla-noreply at freebsd.org
Mon Feb 19 12:58:32 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=226043
Bug ID: 226043
Summary: security/strongswan: Update to 5.6.2 [CVE-2018-6459]
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs at FreeBSD.org
Reporter: strongswan at Nanoteq.com
Attachment #190795 Flags: maintainer-approval+
Flags: maintainer-feedback+
Created attachment 190795
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=190795&action=edit
Update strongswan to 5.6.2
Update strongswan to 5.6.2 to fix vulnerability CVE-2018-6459.
https://github.com/strongswan/strongswan/blob/master/NEWS
Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures that
was caused by insufficient input validation. One of the configurable
parameters in algorithm identifier structures for RSASSA-PSS signatures is the
mask generation function (MGF). Only MGF1 is currently specified for this
purpose. However, this in turn takes itself a parameter that specifies the
underlying hash function. strongSwan's parser did not correctly handle the
case of this parameter being absent, causing an undefined data read.
This vulnerability has been registered as CVE-2018-6459.
Bug 220488 is also fixed as part of this patch.
(https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220488)
--
You are receiving this mail because:
You are the assignee for the bug.
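
Added example, not part of the original bug report and not strongSwan's code: a strict C parser for the DER MGF1 algorithm identifier described in the NEWS entry above, which reports an absent hash parameter as an explicit error instead of reading it. The names parse_mgf1, read_tlv, span_t and the MGF_* codes are hypothetical, the sample bytes are constructed, and only short-form DER lengths are assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not strongSwan code. Assumption: short-form DER lengths only. */
enum { MGF_OK = 0, MGF_MALFORMED = -1, MGF_NOT_MGF1 = -2, MGF_NO_PARAMS = -3 };
typedef struct { const uint8_t *p; size_t len; } span_t;

static const uint8_t OID_MGF1[] = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08};

/* Constructed samples: MGF1 with SHA-256 as hash, and MGF1 with the parameter absent. */
static const uint8_t SAMPLE_OK[] = {0x30,0x1A,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,
    0x30,0x0D,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00};
static const uint8_t SAMPLE_ABSENT[] = {0x30,0x0B,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08};

/* Read one TLV with the expected tag from *in and advance *in past it. */
static int read_tlv(span_t *in, uint8_t tag, span_t *out)
{
    if (in->len < 2 || in->p[0] != tag || in->p[1] >= 0x80)
        return -1;
    size_t n = in->p[1];
    if (n > in->len - 2)
        return -1;                      /* declared length runs past the buffer */
    out->p = in->p + 2; out->len = n;
    in->p += 2 + n; in->len -= 2 + n;
    return 0;
}

/* On MGF_OK, *hash_oid spans the hash OID carried in the MGF1 parameters. */
int parse_mgf1(const uint8_t *der, size_t len, span_t *hash_oid)
{
    span_t in = { der, len }, alg, oid, params;

    if (read_tlv(&in, 0x30, &alg) || in.len != 0)
        return MGF_MALFORMED;
    if (read_tlv(&alg, 0x06, &oid))
        return MGF_MALFORMED;
    if (oid.len != sizeof(OID_MGF1) || memcmp(oid.p, OID_MGF1, oid.len) != 0)
        return MGF_NOT_MGF1;
    if (alg.len == 0)
        return MGF_NO_PARAMS;           /* hash parameter absent: reject, never dereference */
    if (read_tlv(&alg, 0x30, &params) || alg.len != 0)
        return MGF_MALFORMED;
    if (read_tlv(&params, 0x06, hash_oid))
        return MGF_MALFORMED;
    return MGF_OK;
}

int main(void) { span_t h; return parse_mgf1(SAMPLE_OK, sizeof SAMPLE_OK, &h) == MGF_OK && parse_mgf1(SAMPLE_ABSENT, sizeof SAMPLE_ABSENT, &h) == MGF_NO_PARAMS ? 0 : 1; }
```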