This project is archived. Its data is read-only.

Commit 2965f2e4 authored Jun 08, 2015 by Gustavo Zacarias Committed by Thomas Petazzoni Jun 09, 2015

strongswan: security bump to version 5.3.2



Fixes:

CVE-2015-4171 - rogue servers with a valid certificate
accepted by the client to trick it into disclosing its username and even
password (if the client accepts EAP-GTC).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

parent fb67b749

package/strongswan/strongswan.hash

+2 −2

Original line number	Diff line number	Diff line
		# From http://download.strongswan.org/strongswan-5.3.1.tar.bz2.md5
		md5 66f258901a3d6c271da1a0c7fb3e5013 strongswan-5.3.1.tar.bz2
		# From http://download.strongswan.org/strongswan-5.3.2.tar.bz2.md5
		md5 fab014be1477ef4ebf9a765e10f8802c strongswan-5.3.2.tar.bz2

package/strongswan/strongswan.mk

+1 −1

Original line number	Diff line number	Diff line
		@@ -4,7 +4,7 @@
		#
		################################################################################

		STRONGSWAN_VERSION = 5.3.1
		STRONGSWAN_VERSION = 5.3.2
		STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
		STRONGSWAN_SITE = http://download.strongswan.org
		STRONGSWAN_LICENSE = GPLv2+