Change-Id: Ibb5040526c04c84b24dc82c1817a026463a758ee
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5394
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,27 @@ |
0 |
+From 0acd1ab4d08d53d80393b1a37b8781f6e7b2b996 Mon Sep 17 00:00:00 2001 |
|
1 |
+From: Tobias Brunner <tobias@strongswan.org> |
|
2 |
+Date: Tue, 13 Mar 2018 18:54:08 +0100 |
|
3 |
+Subject: [PATCH] stroke: Ensure a minimum message length |
|
4 |
+ |
|
5 |
+--- |
|
6 |
+ src/libcharon/plugins/stroke/stroke_socket.c | 5 +++++ |
|
7 |
+ 1 file changed, 5 insertions(+) |
|
8 |
+ |
|
9 |
+diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c |
|
10 |
+index c568440..1e7f210 100644 |
|
11 |
+--- a/src/libcharon/plugins/stroke/stroke_socket.c |
|
12 |
+@@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream) |
|
13 |
+ } |
|
14 |
+ return FALSE; |
|
15 |
+ } |
|
16 |
++ if (len < offsetof(stroke_msg_t, buffer)) |
|
17 |
++ { |
|
18 |
++ DBG1(DBG_CFG, "invalid stroke message length %d", len); |
|
19 |
++ return FALSE; |
|
20 |
++ } |
|
21 |
+ |
|
22 |
+ /* read message (we need an additional byte to terminate the buffer) */ |
|
23 |
+ msg = malloc(len + 1); |
|
24 |
+-- |
|
25 |
+1.9.1 |
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: The OpenSource IPsec-based VPN Solution |
2 | 2 |
Name: strongswan |
3 | 3 |
Version: 5.5.2 |
4 |
-Release: 3%{?dist} |
|
4 |
+Release: 4%{?dist} |
|
5 | 5 |
License: GPLv2+ |
6 | 6 |
URL: https://www.strongswan.org/ |
7 | 7 |
Group: System Environment/Security |
... | ... |
@@ -12,6 +12,7 @@ Source0: https://download.strongswan.org/%{name}-%{version}.tar.bz2 |
12 | 12 |
Patch0: CVE-2017-9022.patch |
13 | 13 |
Patch1: CVE-2017-9023.patch |
14 | 14 |
Patch2: CVE-2017-11185.patch |
15 |
+Patch3: CVE-2018-5388.patch |
|
15 | 16 |
|
16 | 17 |
BuildRequires: autoconf |
17 | 18 |
|
... | ... |
@@ -23,6 +24,7 @@ strongSwan is a complete IPsec implementation for Linux 2.6, 3.x, and 4.x kernel |
23 | 23 |
%patch0 -p1 |
24 | 24 |
%patch1 -p1 |
25 | 25 |
%patch2 -p1 |
26 |
+%patch3 -p1 |
|
26 | 27 |
|
27 | 28 |
%build |
28 | 29 |
./configure --prefix=%{_prefix} --sysconfdir=%{_sysconfdir} |
... | ... |
@@ -52,6 +54,8 @@ rm -rf %{buildroot}/* |
52 | 52 |
%{_datadir}/strongswan/* |
53 | 53 |
|
54 | 54 |
%changelog |
55 |
+* Mon Jul 23 2018 Ajay Kaher <akaher@vmware.com> 5.5.2-4 |
|
56 |
+- Fix CVE-2018-5388 |
|
55 | 57 |
* Tue Oct 10 2017 Dheeraj Shetty <dheerajs@vmware.com> 5.5.2-3 |
56 | 58 |
- Fix CVE-2017-11185 CVE-2017-9022 and CVE-2017-9023 |
57 | 59 |
* Thu Aug 24 2017 Alexey Makhalov <amakhalov@vmware.com> 5.5.2-2 |