[Buildroot] [PATCH] strongswan: security bump to version 5.3.4
Thomas Petazzoni
thomas.petazzoni at free-electrons.com
Mon Nov 16 20:15:07 UTC 2015
Dear Gustavo Zacarias,
On Mon, 16 Nov 2015 16:55:06 -0300, Gustavo Zacarias wrote:
> Fixes:
> CVE-2015-8023 - authentication bypass vulnerability in the eap-mschapv2
> plugin that was caused by insufficient verification of the internal
> state when handling EAP-MSCHAPv2 Success messages received by the
> client.
>
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
> ---
> package/strongswan/strongswan.hash | 6 +++---
> package/strongswan/strongswan.mk | 2 +-
> 2 files changed, 4 insertions(+), 4 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
More information about the buildroot
mailing list