Strongswan 5.1.1 has two CVE's that are corrected in the 5.1.3 release. The maintainer has provided a patch on 8th May, thank-you Francois. The patch applies cleanly and the patched strongswan 5.1.3 installs and functions correctly. I've installed it on two FreeBSD 9.2 (Stable) VPN servers, and other tunnelling firewalls.
It would be appreciated if a ports committer could provide this patch for the rest of the user-base, via a strongswan port update. Refer: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/189132 CVE's that are addressed: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2338 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-2891 Regards, Dewayne. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[email protected]"
