Accepting request 123120 from network:vpn

update to 4.6.4 / bnc#761325, CVE-2012-2388 OBS-URL: https://build.opensuse.org/request/show/123120 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/strongswan?expand=0&rev=43
2012-06-01 05:24:16 +00:00 · 2012-06-01 05:24:16 +00:00 · 4e96746b5a
commit 4e96746b5a
parent e257efc664 2645720915
8 changed files with 28 additions and 18 deletions
--- a/strongswan-4.6.3.tar.bz2
+++ b/strongswan-4.6.3.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a2443f9b22b64932cf7600723aee4f2fce51ba56e0216ae5f31dbb3470903d24
-size 3555738
--- a/strongswan-4.6.3.tar.bz2.sig
+++ b/strongswan-4.6.3.tar.bz2.sig
@ -1,14 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.11 (GNU/Linux)
-
-iQGcBAABAgAGBQJPntqnAAoJEN9CwXCzTbp3UlcL/RX4foD5Y7qkvihoTU78a0E7
-4T3ytLY/WIzx1xELxZhkqHeS0gN/j0bthPW+4TvEG0XH4g1JF2MqT0e4D0vFdOmT
-BwUIhEC1LQHyM4CaJQpSGzIMs8YcR8HYQiHNRLjzNQcj30tpBhnchcWCikiC/MZO
-YaFtZozbGnqcj6DVGjX8ymBxfpwT/+WGJ4ZIwGJwvLXc1XEtIo1zMcyX76LKHk/x
-6E12pDL5/4s68XJ9/2Uk6M9lQUQOnQT4SGJvTjZ4YACc08yQbR/2mU/puCWw9pBX
-qQIKn7abmgj1/wwbqwYf0pSuUrlSwWLsVJVqpPYgHEydd8IoeSgZke8JacIR9ztW
-aiAtqFNRKo/rj/BuCxyt90sMBi1IPznRSB1IBYKSwp9EvuKtAlIoCmH4bHq/6w0O
-4ad0rTaXhwqTjGtpQR/UsXcdtaq0pB4uauOz6bsGFUflMPXDrE6yABiuGPowCJiK
-SVR9gtBHHYvzo5sRJLcemXswO93tI48/IpZRnHAmyw==
-=vGXG
-----END PGP SIGNATURE-----
--- a/strongswan-4.6.4-fmt-warnings.patch
+++ b/strongswan-4.6.4-fmt-warnings.patch
--- a/strongswan-4.6.4-rpmlintrc
+++ b/strongswan-4.6.4-rpmlintrc
--- a/strongswan-4.6.4.tar.bz2
+++ b/strongswan-4.6.4.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f372b4cc3d6c8a50a0b262e02e6a7fad43f91cc5a80cbd9432eb3c48ab2d4c69
+size 3504672
--- a/strongswan-4.6.4.tar.bz2.sig
+++ b/strongswan-4.6.4.tar.bz2.sig
@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQGcBAABAgAGBQJPx4AbAAoJEN9CwXCzTbp3+GoL/Rs0El+oVlfUTT20/6IhwhI2
+1DJ2kRB97EqDYe7qzBVHaRs1ceU61JhsOEF+DICDttDamAYOlPMkU0Lonmk4uSqe
+Z1TVC7vcQdJEW5dPgx8UYRSxB4VdYkGq8FZSfK0Hdcn69EVnRneqb1oqGPXs3unI
+Eut8dounWYXSXtUhfajKeKmCXyMJDfSRAIoCsF4D/BpiU+VtHPqwLGS6KEfWsYyJ
+cqq5mc4rAL4Y6rLsi6YhqXvrV9klmVpMnlq7dftod7xWXOFX6d6mDSCIH0BrNyar
+AuWJ8CqO06Olp6V8sKTdrtBfuJelM4cEUyehwJbssem7bRCBikkzj0/Yxl7Uu77v
+QplLktKlsq/K8SkzNaqjTNxe7SvrIcrY1ErJTm6iMuinvlIjzoYPhpfnbNcyrrXQ
+qqJ1RTnrXWxDAt41vHTV8I4afhQdt9WlBrp+xYT42PiPll1V6vLx5f/OLDQUVvSo
+co+HFiKgg43090Pi4x5N0J1D1tuVuE7g9IGa1RAyYg==
+=XivO
+-----END PGP SIGNATURE-----
--- a/strongswan.changes
+++ b/strongswan.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Thu May 31 16:08:43 UTC 2012 - mt@suse.com
+
+- Updated to strongSwan 4.6.4 release:
+  - Fixed a security vulnerability in the gmp plugin. If this
+    plugin was used for RSA signature verification an empty or
+    zeroed signature was handled as a legitimate one
+    (bnc#761325, CVE-2012-2388).
+  - Fixed several issues with reauthentication and address updates.
+
 -------------------------------------------------------------------
 Thu May 10 09:15:38 UTC 2012 - mt@suse.com

--- a/strongswan.spec
+++ b/strongswan.spec
@ -17,7 +17,7 @@


 Name:           strongswan
-Version:        4.6.3
+Version:        4.6.4
 Release:        0
 %define         upstream_version   %{version}
 %define         strongswan_docdir  %{_docdir}/%{name}