Overview
Request 205538 accepted
- Applied upstream fix for a denial-of-service and authorization
bypass vulnerability via crafted ID payload in strongswan 4.3.3
up to 5.1.0 (CVE-2013-6075, bnc#847506).
[0007-strongswan-4.3.3_5.1.0-bnc-847506-CVE-2013-6075.patch]
- Added a recursion limit to get_route in netlink plugin to avoid
a charon crash while trying to find a source address when local
left is set to %any on newer kernels sorting the default route
as first one (bnc#840826).
[0006-strongswan-4.6.4-bnc-840826-recursion-limit.patch]
- Fixed patch file/number in spec and bug/file references in the
changes and inside of the patch files.
[0004 -> 0005-strongswan-4.3.0-5.0.4_is_asn1-CVE-2013-5018.bnc833278.patch]
[0003 -> 0004-Check-return-value-of-ECDSA_Verify-correctly.patch]
[0001 -> 0003-openssl-Ensure-the-thread-ID-is-never-zero.patch]
- Created by mtomaschewski
- In state accepted
Request History
mtomaschewski created request
- Applied upstream fix for a denial-of-service and authorization
bypass vulnerability via crafted ID payload in strongswan 4.3.3
up to 5.1.0 (CVE-2013-6075, bnc#847506).
[0007-strongswan-4.3.3_5.1.0-bnc-847506-CVE-2013-6075.patch]
- Added a recursion limit to get_route in netlink plugin to avoid
a charon crash while trying to find a source address when local
left is set to %any on newer kernels sorting the default route
as first one (bnc#840826).
[0006-strongswan-4.6.4-bnc-840826-recursion-limit.patch]
- Fixed patch file/number in spec and bug/file references in the
changes and inside of the patch files.
[0004 -> 0005-strongswan-4.3.0-5.0.4_is_asn1-CVE-2013-5018.bnc833278.patch]
[0003 -> 0004-Check-return-value-of-ECDSA_Verify-correctly.patch]
[0001 -> 0003-openssl-Ensure-the-thread-ID-is-never-zero.patch]
vpereirabr accepted request
ok
