* [Buildroot] [PATCH] strongswan: security bump to version 5.3.2
@ 2015-06-08 13:50 Gustavo Zacarias
2015-06-09 20:44 ` Thomas Petazzoni
0 siblings, 1 reply; 2+ messages in thread
From: Gustavo Zacarias @ 2015-06-08 13:50 UTC (permalink / raw)
To: buildroot
Fixes:
CVE-2015-4171 - rogue servers with a valid certificate
accepted by the client to trick it into disclosing its username and even
password (if the client accepts EAP-GTC).
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
package/strongswan/strongswan.hash | 4 ++--
package/strongswan/strongswan.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/strongswan/strongswan.hash b/package/strongswan/strongswan.hash
index e38c736..8b31de4 100644
--- a/package/strongswan/strongswan.hash
+++ b/package/strongswan/strongswan.hash
@@ -1,2 +1,2 @@
-# From http://download.strongswan.org/strongswan-5.3.1.tar.bz2.md5
-md5 66f258901a3d6c271da1a0c7fb3e5013 strongswan-5.3.1.tar.bz2
+# From http://download.strongswan.org/strongswan-5.3.2.tar.bz2.md5
+md5 fab014be1477ef4ebf9a765e10f8802c strongswan-5.3.2.tar.bz2
diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk
index f165eb1..47a28a3 100644
--- a/package/strongswan/strongswan.mk
+++ b/package/strongswan/strongswan.mk
@@ -4,7 +4,7 @@
#
################################################################################
-STRONGSWAN_VERSION = 5.3.1
+STRONGSWAN_VERSION = 5.3.2
STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
STRONGSWAN_SITE = http://download.strongswan.org
STRONGSWAN_LICENSE = GPLv2+
--
2.3.6
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [Buildroot] [PATCH] strongswan: security bump to version 5.3.2
2015-06-08 13:50 [Buildroot] [PATCH] strongswan: security bump to version 5.3.2 Gustavo Zacarias
@ 2015-06-09 20:44 ` Thomas Petazzoni
0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni @ 2015-06-09 20:44 UTC (permalink / raw)
To: buildroot
Dear Gustavo Zacarias,
On Mon, 8 Jun 2015 10:50:06 -0300, Gustavo Zacarias wrote:
> Fixes:
>
> CVE-2015-4171 - rogue servers with a valid certificate
> accepted by the client to trick it into disclosing its username and even
> password (if the client accepts EAP-GTC).
>
> Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
> ---
> package/strongswan/strongswan.hash | 4 ++--
> package/strongswan/strongswan.mk | 2 +-
> 2 files changed, 3 insertions(+), 3 deletions(-)
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-06-09 20:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-06-08 13:50 [Buildroot] [PATCH] strongswan: security bump to version 5.3.2 Gustavo Zacarias
2015-06-09 20:44 ` Thomas Petazzoni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox