- Resolves rhbz#1581868 CVE-2018-5388 strongswan: buffer underflow in stroke_socket.c
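--- a/strongswan-5.6.2-CVE-2018-5388.patch
+++ b/strongswan-5.6.2-CVE-2018-5388.patch
@@ -0,0 +1,15 @@
+diff -Naur strongswan-5.6.2-orig/src/libcharon/plugins/stroke/stroke_socket.c strongswan-5.6.2/src/libcharon/plugins/stroke/stroke_socket.c
+--- strongswan-5.6.2-orig/src/libcharon/plugins/stroke/stroke_socket.c 2017-11-09 10:57:30.000000000 -0500
++++ strongswan-5.6.2/src/libcharon/plugins/stroke/stroke_socket.c 2018-05-24 00:00:32.382953618 -0400
+@@ -628,6 +628,11 @@
+return FALSE;
+}
+
++ if (len < offsetof(stroke_msg_t, buffer))
++ {
++ DBG1(DBG_CFG, "invalid stroke message length %d", len);
++ return FALSE;
++ }
+/* read message (we need an additional byte to terminate the buffer) */
+msg = malloc(len + 1);
+msg->length = len;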
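Review bot: The patch file carries no provenance header: it begins directly at the `diff -Naur` line, so nothing inside it ties the added length check to the upstream strongSwan fix for CVE-2018-5388, and a later rebase has no easy way to verify the change or know when the patch can be dropped. A short preamble above the `diff` line, for example `# Fix for CVE-2018-5388 (rhbz#1581868), upstream: <upstream commit URL>`, would cover that. Separately, in the context lines `msg = malloc(len + 1);` is followed immediately by `msg->length = len;` with no NULL check. That is pre-existing code and the function continues outside the hunk, but since `len` appears to be taken from the received stroke message it is worth raising upstream.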
@@ -3,13 +3,14 @@
|
|||||||
|
|
||||||
Name: strongswan
|
Name: strongswan
|
||||||
Version: 5.6.2
|
Version: 5.6.2
|
||||||
Release: 5%{?dist}
|
Release: 6%{?dist}
|
||||||
Summary: An OpenSource IPsec-based VPN and TNC solution
|
Summary: An OpenSource IPsec-based VPN and TNC solution
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: http://www.strongswan.org/
|
URL: http://www.strongswan.org/
|
||||||
Source0: http://download.strongswan.org/%{name}-%{version}%{?prerelease}.tar.bz2
|
Source0: http://download.strongswan.org/%{name}-%{version}%{?prerelease}.tar.bz2
|
||||||
Patch1: strongswan-5.6.0-uintptr_t.patch
|
Patch1: strongswan-5.6.0-uintptr_t.patch
|
||||||
Patch2: strongswan-5.6.2-1574939-VPN-DNS.patch
|
Patch2: strongswan-5.6.2-1574939-VPN-DNS.patch
|
||||||
|
Patch3: strongswan-5.6.2-CVE-2018-5388.patch
|
||||||
|
|
||||||
# only needed for pre-release versions
|
# only needed for pre-release versions
|
||||||
#BuildRequires: autoconf automake
|
#BuildRequires: autoconf automake
|
||||||
@@ -78,6 +79,7 @@ PT-TLS to support TNC over TLS.
|
|||||||
%setup -q -n %{name}-%{version}%{?prerelease}
|
%setup -q -n %{name}-%{version}%{?prerelease}
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# only for snapshots
|
# only for snapshots
|
||||||
@@ -257,6 +259,9 @@ done
|
|||||||
%{_libexecdir}/strongswan/charon-nm
|
%{_libexecdir}/strongswan/charon-nm
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu May 24 2018 Paul Wouters <pwouters@redhat.com> - 5.6.2-6
|
||||||
|
- Resolves rhbz#1581868 CVE-2018-5388 strongswan: buffer underflow in stroke_socket.c
|
||||||
|
|
||||||
* Thu May 24 2018 Paul Wouters <pwouters@redhat.com> - 5.6.2-5
|
* Thu May 24 2018 Paul Wouters <pwouters@redhat.com> - 5.6.2-5
|
||||||
- Resolves rhbz#1574939 IKEv2 VPN connections fail to use DNS servers provided by the server
|
- Resolves rhbz#1574939 IKEv2 VPN connections fail to use DNS servers provided by the server
|
||||||
- Resolves rhbz#1449875 Strongswan on epel built without the sql plugin but with the sqlite plugin
|
- Resolves rhbz#1449875 Strongswan on epel built without the sql plugin but with the sqlite plugin
|
||||||
|
|||||||