SHA256
1
0
forked from pool/strongswan
strongswan/strongswan-5.6.0.tar.bz2.sig
Nirmoy Das 062c69a06d Accepting request 521273 from home:ndas:branches:network:vpn
- Updated to strongSwan 5.6.0 providing the following changes:
    *Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation
    when verifying RSA signatures, which requires decryption with the operation m^e mod n,
    where m is the signature, and e and n are the exponent and modulus of the public key.
    The value m is an integer between 0 and n-1, however, the gmp plugin did not verify this.
    So if m equals n the calculation results in 0, in which case mpz_export() returns NULL.
    This result wasn't handled properly causing a null-pointer dereference.
    This vulnerability has been registered as CVE-2017-11185. (bsc#1051222)
    *New SWIMA IMC/IMV pair implements the draft-ietf-sacm-nea-swima-patnc Internet
    Draft and has been demonstrated at the IETF 99 Prague Hackathon.
    *The IMV database template has been adapted to achieve full compliance with the
    ISO 19770-2:2015 SWID tag standard.
    *The pt-tls-client can attach and use TPM 2.0 protected private keys via the --keyid parameter.
    *By default the /etc/swanctl/conf.d directory is created and *.conf files in it are included in the default
    swanctl.conf file.
    
    *The curl plugin now follows HTTP redirects (configurable via strongswan.conf).
    *The CHILD_SA rekeying was fixed in charon-tkm and the behavior is refined a bit more since 5.5.3
    *libtpmtss supports Intel's TSS2 Architecture Broker and Resource Manager interface (tcti-tabrmd).
    * more on https://wiki.strongswan.org/versions/66

OBS-URL: https://build.opensuse.org/request/show/521273
OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=104
2017-09-05 15:38:01 +00:00

15 lines
648 B
Standard ML

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAABAgAGBQJZkUjtAAoJEN9CwXCzTbp3m08L/3A4QqZMMuBMuliao4kwO4tG
kyHD+nWMrFIK2dwu9zAMY5noiVUNcXExPgF7UTbW77Tr2s8RtkrnIUCTEJ+qYk7F
CNX2BmdYbB9MAofkaou/xAXKgfxXVxw41DY7sK59e+VZayJ+LN9Suq413ymdF6Da
kclM5ZoEM9X7feY+n1U2/DG199pF5sFN4dEt+kgSD4NJuZHsn+jfLVYzciHBIyk5
d1tnUAVjVUIVfGrQ6SG2SoASIla4Qv27YszdRtzIRYVjzj+bt4gX2ORkpChLGg6M
an50EM6yDBdDDyF+muNKl8OaE6YaAmIBKuftn/Rlx8kILzUTtiKk+6au699XaW/H
dMdHgb8AsyTi/nudz/nYfHUyYIbalOLwttG8qh3U+qCZ9ZbXy6wi9HB8FBPUNRru
UBd1Y+kh7FMicZprlr5xGxJ78vi7avV9HOjxIZldfoAaP/AO9l4fXYs2AVzZRalJ
eCwB7EHznJ/KVoKZ9MpXp6ne3iPGLYsoo92B8OXY3g==
=ZRFr
-----END PGP SIGNATURE-----