Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS
signatures that was caused by insufficient input validation.
One of the configurable parameters in algorithm identifier
structures for RSASSA-PSS signatures is the mask generation
function (MGF). Only MGF1 is currently specified for this purpose.
However, this in turn takes itself a parameter that specifies
the underlying hash function. strongSwan's parser did not
correctly handle the case of this parameter being absent,
causing an undefined data read.
This vulnerability has been registered as CVE-2018-6459.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
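
The absent-parameter case described in the commit message, as an added example that is not strongSwan's code and is not part of this commit: a bounds-checked parse of a maskGenAlgorithm AlgorithmIdentifier that rejects MGF1 without its hash parameter instead of reading past the data. The names chunk, der_next and parse_mgf1 and the GOOD/ABSENT byte strings are hypothetical and constructed for illustration; only short-form DER lengths are handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical minimal DER reader (short-form lengths only). */
typedef struct { const uint8_t *p; size_t len; } chunk;

/* Read one TLV with the given tag from *in into *val and advance *in. */
static int der_next(chunk *in, uint8_t tag, chunk *val)
{
    if (in->len < 2 || in->p[0] != tag || in->p[1] >= 0x80) return 0;
    size_t l = in->p[1];
    if (l > in->len - 2) return 0;          /* claimed length exceeds buffer */
    val->p = in->p + 2; val->len = l;
    in->p += 2 + l; in->len -= 2 + l;
    return 1;
}

/* id-mgf1, 1.2.840.113549.1.1.8 */
static const uint8_t OID_MGF1[] = {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x08};

/* Constructed sample: MGF1 with SHA-256 (OID + NULL) as its parameter. */
const uint8_t GOOD[] = {0x30,0x1a, 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x08,
    0x30,0x0d, 0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01, 0x05,0x00};
/* Constructed sample: MGF1 OID only, hash parameter absent. */
const uint8_t ABSENT[] = {0x30,0x0b, 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x08};

/* Returns 1 and sets *hash_oid to the hash OID bytes, or 0 on any malformed
 * input, including MGF1 with no hash AlgorithmIdentifier. */
int parse_mgf1(const uint8_t *der, size_t len, chunk *hash_oid)
{
    chunk in = { der, len }, seq, oid, params, null;
    if (!der_next(&in, 0x30, &seq) || in.len != 0) return 0;
    if (!der_next(&seq, 0x06, &oid)) return 0;
    if (oid.len != sizeof(OID_MGF1) || memcmp(oid.p, OID_MGF1, oid.len)) return 0;
    if (seq.len == 0) return 0;             /* parameter absent: reject */
    if (!der_next(&seq, 0x30, &params) || seq.len != 0) return 0;
    if (!der_next(&params, 0x06, hash_oid) || hash_oid->len == 0) return 0;
    /* The hash's own parameters may be omitted or an empty NULL. */
    if (params.len != 0 &&
        (!der_next(&params, 0x05, &null) || null.len != 0 || params.len != 0)) return 0;
    return 1;
}

int main(void)
{
    chunk h;  /* exit status 0 when GOOD parses and ABSENT is rejected */
    return !(parse_mgf1(GOOD, sizeof(GOOD), &h) && !parse_mgf1(ABSENT, sizeof(ABSENT), &h));
}
```
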
--- /dev/null
+../../../common/strongswan
\ No newline at end of file
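Review bot: The new entry is a relative link target, `../../../common/strongswan`, so it only works if the new file sits exactly three directories below the one holding `common/`. Please confirm it resolves from the new file's location, and that the shared file list it points to still matches what 5.6.2 installs, since a stale list would leave new or removed files out of the update.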
done
# Stop services
+ipsec stop
# Remove old files
rm -vf \
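Review bot: The added `ipsec stop` under "# Stop services" is unconditional and no matching start is visible in this hunk. Please make sure the script starts IPsec again after the new files are in place, and only on systems where it was enabled before the update, so that tunnels are neither left down nor brought up where they were off.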
include Config
-VER = 5.6.1
+VER = 5.6.2
THISAPP = strongswan-$(VER)
DL_FILE = $(THISAPP).tar.bz2
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = cb2241f1b96c524cd15b1c0f50ed9a27
+$(DL_FILE)_MD5 = 46aa3aa18fbc4bd528f9a0345ce79913
install : $(TARGET)
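Review bot: The only integrity check visible for the new tarball is the `$(DL_FILE)_MD5` value, and MD5 is not collision resistant, which is a weak anchor for a download that delivers a security fix. Please confirm the 5.6.2 tarball was checked against the upstream signature or a stronger published digest before this value was recorded, and consider carrying a stronger hash alongside it if the build system supports one.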