[OpenWrt-Devel] (CVE-2014-2338) authentication bypass vulnerability in strongSwan needs patching

Noel Kuntze noel at familie-kuntze.de
Sun Jul 6 11:41:05 EDT 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Mirko,

So fixes or new versions with fixes will only be backported, if there is a complete rebuilt scheduled for the release?

Regards,
Noel Kuntze

GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
Am 06.07.2014 14:39, schrieb Mirko Parthey:
> Am Sonntag, 06.07.14, 00:00 +0200 schrieb Noel Kuntze:
>> I am once again inquiring about this vulnerabity.
>> The strongSwan version in the repository for the 12.09 version of OpenWRT is still not patched
>> and Mr. Fietkau does not respond to any emails. I wrote him one on 2014-06-08 and one on 2014-07-02.
>>
>> Please update the packages.
>> Lots of people are running vulnerable StrongSwan versions on publicly reachable OpenWRT routers.
>
> Felix Fietkau updated the strongSwan package in the 12.09 SVN branch
> (r40518, 2014-04-15) shortly after updating it in trunk.
> However, it appears that the release branch is not rebuilt automatically,
> so the binary packages are outdated.
> For OpenSSL, packages have been rebuilt manually, but that seems to be
> the exception.
>
> There has been mention on this mailing list of a Barrier Breaker release
> being worked on, but I have no information if there will be another
> release of Attitude Adjustment, which would then also come with updated
> packages from the 12.09 branch.
>
> Regards,
> Mirko

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJTuW4RAAoJEDg5KY9j7GZYQWkP/iclaAepF9RPNhtiBpyJ7enL
ILV7WRW1bZkEQSJ2OCXL0CpZJve8ba5eQ3YCP9sllNHgHkMAI4L/vBINJNjHi3Ti
FYdVILapqDGqqJqPCCL7h5e3BaOyqoSygvIXwNvPSt06c3RMQXjPf8dRlORvaVqc
Eg/7msI36/eRjB36PEdaFNCJyFHrwVWOMo4ChEJtrrrXJQnMeXoWdFn5Kqp2Lz0m
Nik/kKqglo2JysWCIdLjvrFXFCUhS7yEhPB6LM4GDVKJ7TlTe7Ou9dXDA4DyNRS/
+dOlzp35dmZLBz6K6/e7fApPzGjr0V0qtPMI9QoHlQ6DZUwvq4GN1peaemXhg6ss
pHhwwMcPlEJZcZH0t0SSqR+5KEPWCJ+8/2mJFdeOptjqdWWH1feCSEsfp44UDWa5
Jtdg3SfuNqA+58AlvEzkdjSNePU5skagQKRusl1m4PmnYO9t9im0OXHbg0yVedse
/9Af2P+j3TUL7UxFO8JDQMU+IETlLnmsG4CWBoDJfgv4CYzXVSb75qQSzIxvE44z
CF4zhUIkLcWFJatCmyLBw/1oKxTOJesVUzNwUXApNOJTj2KwazfmsMOJgBV/hMuo
GaQoCMtdI2XAHHTceDglGQ/b4NE/ngGzIq5pEGrIC982rfiWozIzcfJJSxvyDqHb
SR7QNptlrFZUzy24J1k7
=frGv
-----END PGP SIGNATURE-----
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list