/[ports]

Revision 467375

Jump to revision:
Author:	eugen
Date:	Sun Apr 15 08:51:11 2018 UTC (6 years, 2 months ago)
Changed paths:	6
Log Message:	MFH: r467313 security/ipsec-tools: fix CVE-2016-10396 The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place. The fix obtained from NetBSD CVS head with a command: cvs diff -D 2017-01-24 -D 2017-09-01 \ src/racoon/handler.h \ src/racoon/isakmp.c \ src/racoon/isakmp_frag.c \ src/racoon/isakmp_inf.c While here, add LICENSE. PR: 225066 Approved by: ports-secteam (riggs) Obtained from: NetBSD Security: CVE-2016-10396 Security: https://www.vuxml.org/freebsd/974a6d32-3fda-11e8-aea4-001b216d295b.html

Changed paths

Path	Details
branches/2018Q2/	modified , props changed
branches/2018Q2/security/ipsec-tools/Makefile	modified , text changed
branches/2018Q2/security/ipsec-tools/files/patch-handler.c (Copied from head/security/ipsec-tools/files/patch-handler.c, r467313)	added
branches/2018Q2/security/ipsec-tools/files/patch-isakmp.c (Copied from head/security/ipsec-tools/files/patch-isakmp.c, r467313)	added
branches/2018Q2/security/ipsec-tools/files/patch-isakmp_frag.c (Copied from head/security/ipsec-tools/files/patch-isakmp_frag.c, r467313)	added
branches/2018Q2/security/ipsec-tools/files/patch-isakmp_inf.c (Copied from head/security/ipsec-tools/files/patch-isakmp_inf.c, r467313)	added

	ViewVC Help
Powered by ViewVC 1.1.27