Date: Wed, 30 Apr 2014 08:47:34 GMT From: Dewayne <dewayne@heuristicsystems.com.au> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/189132: security/strongswan Update request to 5.1.3 (CVE 2014-2338) Message-ID: <201404300847.s3U8lYHJ093399@cgiserv.freebsd.org> Resent-Message-ID: <201404300850.s3U8o2fZ005060@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 189132 >Category: ports >Synopsis: security/strongswan Update request to 5.1.3 (CVE 2014-2338) >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Wed Apr 30 08:50:02 UTC 2014 >Closed-Date: >Last-Modified: >Originator: Dewayne >Release: FreeBSD 9.2Stable >Organization: >Environment: FreeBSD 9.2-STABLE FreeBSD 9.2-STABLE #0: Thu Apr 24 22:50:37 EST 2014 root@:/usr/obj/prod/usr/src/sys/hqdev-amd64-padlock-smp-vga amd64 >Description: Strongswan has quite a few useful changes from 5.1.1 to 5.1.3, please refer: http://wiki.strongswan.org/projects/strongswan/wiki/Changelog51 strongswan 5.1.3 was released 14th April 2014 and addresses CVE 2014-2338, unfortunately portaudit as of Wed Apr 30 08:31:59 UTC 2014 did not include this vulnerability. Details of CVE at: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2338 After changing only the Makefile's to PORTVERSION= 5.1.3 I've tested 5.1.3 compilation on a 9.2Stable system (using gcc & pkg_*). Compiles and builds a package cleanly but I haven't tested its function yet. >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201404300847.s3U8lYHJ093399>