strongswan: Update to 5.6.0

Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation
when verifying RSA signatures, which requires decryption with the operation m^e mod n,
where m is the signature, and e and n are the exponent and modulus of the public key.
The value m is an integer between 0 and n-1, however, the gmp plugin did not verify this.
So if m equals n the calculation results in 0, in which case mpz_export() returns NULL.
This result wasn't handled properly causing a null-pointer dereference.

This vulnerability has been registered as CVE-2017-11185.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/strongswan/patches/compile-fix-glibc-2.26.patch b/strongswan/patches/compile-fix-glibc-2.26.patch
new file mode 100644 (file)
index 0000000..a79b210
--- /dev/null
+++ b/strongswan/patches/compile-fix-glibc-2.26.patch
@@ -0,0 +1,11 @@
+--- a/src/libstrongswan/utils/utils/memory.h~     2017-08-23 19:27:47.033658351 +0000
++++ b/src/libstrongswan/utils/utils/memory.h      2017-08-23 19:28:09.468390261 +0000
+@@ -22,6 +22,8 @@
+ #ifndef MEMORY_H_
+ #define MEMORY_H_
+ 
++#include <stdint.h>
++
+ /**
+  * Helper function that compares two binary blobs for equality
+  */

diff --git a/strongswan/strongswan.nm b/strongswan/strongswan.nm
index dd7a0a45f9f5f22eae9993ebd4059b2bd4695e8f..949ebd736bdf95af949420b95540c2be866f1a43 100644 (file)
--- a/strongswan/strongswan.nm
+++ b/strongswan/strongswan.nm
@@ -4,8 +4,8 @@
 ###############################################################################
 
 name       = strongswan
-version    = 5.5.3
-release    = 3
+version    = 5.6.0
+release    = 1
 
 groups     = Networking/VPN
 url        = http://www.strongswan.org/