[arch-commits] Commit in strongswan/trunk (PKGBUILD cve_2018_5388.patch stdint.patch)
Christian Rebischke
shibumi at archlinux.org
Tue Sep 25 14:32:32 UTC 2018
Date: Tuesday, September 25, 2018 @ 14:32:32
Author: shibumi
Revision: 384809
cleaned up PKGBUILD and removed unnecessary files
Modified:
strongswan/trunk/PKGBUILD
Deleted:
strongswan/trunk/cve_2018_5388.patch
strongswan/trunk/stdint.patch
---------------------+
PKGBUILD | 70 +++++++++++++++++++++++++++++++++++++-------------
cve_2018_5388.patch | 25 -----------------
stdint.patch | 11 -------
3 files changed, 52 insertions(+), 54 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2018-09-25 14:27:50 UTC (rev 384808)
+++ PKGBUILD 2018-09-25 14:32:32 UTC (rev 384809)
@@ -13,7 +13,7 @@
pkgver=5.7.0
pkgrel=1
pkgdesc="open source IPsec implementation"
-url='http://www.strongswan.org'
+url='https://www.strongswan.org'
license=("GPL2")
arch=('x86_64')
makedepends=('curl' 'gmp' 'iproute2' 'openssl' 'sqlite' 'libcap' 'libsystemd'
@@ -40,8 +40,7 @@
vici.conf,x509.conf,xauth-eap.conf,xauth-generic.conf,xcbc.conf,unity.conf,curve25519.conf,bypass-lan.conf}
)
-source=("https://download.strongswan.org/strongswan-${pkgver}.tar.bz2"
- "https://download.strongswan.org/strongswan-${pkgver}.tar.bz2.sig"
+source=("https://download.strongswan.org/strongswan-${pkgver}.tar.bz2{,.sig}"
'configure_ac.patch'
)
@@ -72,21 +71,56 @@
--enable-integrity-test \
--enable-sqlite \
--enable-pkcs11 \
- --enable-openssl --enable-curl \
- --enable-sql --enable-attr-sql \
- --enable-farp --enable-dhcp \
- --enable-eap-sim --enable-eap-sim-file --enable-eap-simaka-pseudonym \
- --enable-eap-simaka-reauth --enable-eap-identity --enable-eap-md5 \
- --enable-eap-gtc --enable-eap-aka --enable-eap-aka-3gpp2 \
- --enable-eap-mschapv2 --enable-eap-radius --enable-xauth-eap \
- --enable-ha --enable-vici --enable-swanctl --enable-systemd --enable-ext-auth \
- --enable-mysql --enable-ldap --enable-cmd --enable-forecast --enable-connmark \
- --enable-aesni --enable-eap-ttls --enable-radattr --enable-xauth-pam --enable-xauth-noauth \
- --enable-eap-dynamic --enable-eap-peap --enable-eap-tls --enable-chapoly --enable-unity \
- --with-capabilities=libcap --enable-newhope --enable-ntru --enable-mgf1 --enable-sha3 \
- --enable-bliss --enable-dnscert \
- --enable-nm --enable-agent --enable-bypass-lan \
- --enable-ruby-gems --enable-python-eggs
+ --enable-openssl \
+ --enable-curl \
+ --enable-sql \
+ --enable-attr-sql \
+ --enable-farp \
+ --enable-dhcp \
+ --enable-eap-sim \
+ --enable-eap-sim-file \
+ --enable-eap-simaka-pseudonym \
+ --enable-eap-simaka-reauth \
+ --enable-eap-identity \
+ --enable-eap-md5 \
+ --enable-eap-gtc \
+ --enable-eap-aka \
+ --enable-eap-aka-3gpp2 \
+ --enable-eap-mschapv2 \
+ --enable-eap-radius \
+ --enable-xauth-eap \
+ --enable-ha \
+ --enable-vici \
+ --enable-swanctl \
+ --enable-systemd \
+ --enable-ext-auth \
+ --enable-mysql \
+ --enable-ldap \
+ --enable-cmd \
+ --enable-forecast \
+ --enable-connmark \
+ --enable-aesni \
+ --enable-eap-ttls \
+ --enable-radattr \
+ --enable-xauth-pam \
+ --enable-xauth-noauth \
+ --enable-eap-dynamic \
+ --enable-eap-peap \
+ --enable-eap-tls \
+ --enable-chapoly \
+ --enable-unity \
+ --with-capabilities=libcap \
+ --enable-newhope \
+ --enable-ntru \
+ --enable-mgf1 \
+ --enable-sha3 \
+ --enable-bliss \
+ --enable-dnscert \
+ --enable-nm \
+ --enable-agent \
+ --enable-bypass-lan \
+ --enable-ruby-gems \
+ --enable-python-eggs
make
}
Deleted: cve_2018_5388.patch
===================================================================
--- cve_2018_5388.patch 2018-09-25 14:27:50 UTC (rev 384808)
+++ cve_2018_5388.patch 2018-09-25 14:32:32 UTC (rev 384809)
@@ -1,25 +0,0 @@
-From: Tobias Brunner <tobias at strongswan.org>
-Date: Tue, 13 Mar 2018 17:54:08 +0000 (+0100)
-Subject: stroke: Ensure a minimum message length
-X-Git-Tag: 5.6.3dr1~28
-X-Git-Url: https://git.strongswan.org/?p=strongswan.git;a=commitdiff_plain;h=0acd1ab4
-
-stroke: Ensure a minimum message length
----
-
-diff --git a/src/libcharon/plugins/stroke/stroke_socket.c b/src/libcharon/plugins/stroke/stroke_socket.c
-index c568440..1e7f210 100644
---- a/src/libcharon/plugins/stroke/stroke_socket.c
-+++ b/src/libcharon/plugins/stroke/stroke_socket.c
-@@ -627,6 +627,11 @@ static bool on_accept(private_stroke_socket_t *this, stream_t *stream)
- }
- return FALSE;
- }
-+ if (len < offsetof(stroke_msg_t, buffer))
-+ {
-+ DBG1(DBG_CFG, "invalid stroke message length %d", len);
-+ return FALSE;
-+ }
-
- /* read message (we need an additional byte to terminate the buffer) */
- msg = malloc(len + 1);
Deleted: stdint.patch
===================================================================
--- stdint.patch 2018-09-25 14:27:50 UTC (rev 384808)
+++ stdint.patch 2018-09-25 14:32:32 UTC (rev 384809)
@@ -1,11 +0,0 @@
---- strongswan-5.6.0-orig/src/libstrongswan/utils/utils/memory.h 2017-08-14 02:48:41.000000000 -0400
-+++ strongswan-5.6.0/src/libstrongswan/utils/utils/memory.h 2017-09-12 01:15:29.690527667 -0400
-@@ -14,6 +14,8 @@
- * for more details.
- */
-
-+#include <stdint.h> /* for uintptr_t */
-+
- /**
- * @defgroup memory_i memory
- * @{ @ingroup utils_i
More information about the arch-commits
mailing list