strongswan: Update to 5.6.0
Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation when verifying RSA signatures, which requires decryption with the operation m^e mod n, where m is the signature, and e and n are the exponent and modulus of the public key. The value m is an integer between 0 and n-1, however, the gmp plugin did not verify this. So if m equals n the calculation results in 0, in which case mpz_export() returns NULL. This result wasn't handled properly causing a null-pointer dereference. This vulnerability has been registered as CVE-2017-11185. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
parent
3cf85f498b
commit
cfd8f20528
|
@ -0,0 +1,11 @@
|
|||
--- a/src/libstrongswan/utils/utils/memory.h~ 2017-08-23 19:27:47.033658351 +0000
|
||||
+++ b/src/libstrongswan/utils/utils/memory.h 2017-08-23 19:28:09.468390261 +0000
|
||||
@@ -22,6 +22,8 @@
|
||||
#ifndef MEMORY_H_
|
||||
#define MEMORY_H_
|
||||
|
||||
+#include <stdint.h>
|
||||
+
|
||||
/**
|
||||
* Helper function that compares two binary blobs for equality
|
||||
*/
|
|
@ -4,8 +4,8 @@
|
|||
###############################################################################
|
||||
|
||||
name = strongswan
|
||||
version = 5.5.3
|
||||
release = 3
|
||||
version = 5.6.0
|
||||
release = 1
|
||||
|
||||
groups = Networking/VPN
|
||||
url = http://www.strongswan.org/
|
||||
|
|
Loading…
Reference in New Issue