diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-04-01 21:02:09 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-04-01 21:02:09 +0000 |
| commit | 55ee41a66918fc6e48b7836414b146109d40f723 (patch) | |
| tree | d8fa2b97fe977bd5383f98b412c59def8ad40f2a | |
| parent | f46b6f36ae2a46f92f69b096a58d6ff96726a9ed (diff) | |
| download | vyos-strongswan-55ee41a66918fc6e48b7836414b146109d40f723.tar.gz vyos-strongswan-55ee41a66918fc6e48b7836414b146109d40f723.zip | |
- Removed patch that is now upstream.
| -rw-r--r-- | debian/changelog | 3 | ||||
| -rw-r--r-- | debian/patches/00list | 1 | ||||
| -rw-r--r-- | debian/patches/02-CVE-2009-0790.dpatch | 31 | ||||
| -rwxr-xr-x | debian/rules | 4 |
4 files changed, 4 insertions, 35 deletions
diff --git a/debian/changelog b/debian/changelog index 4930bb2c4..1784a0329 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,7 @@ strongswan (4.2.14-1) unstable; urgency=low - * New upstream release + * New upstream release, which incorporates the fix. Removed dpatch for it. + Closes: #521950: CVE-2009-0790: DoS -- Rene Mayrhofer <rmayr@debian.org> Wed, 01 Apr 2009 22:17:52 +0200 diff --git a/debian/patches/00list b/debian/patches/00list index 565571969..e69de29bb 100644 --- a/debian/patches/00list +++ b/debian/patches/00list @@ -1 +0,0 @@ -02-CVE-2009-0790.dpatch diff --git a/debian/patches/02-CVE-2009-0790.dpatch b/debian/patches/02-CVE-2009-0790.dpatch deleted file mode 100644 index 1eef2fe3d..000000000 --- a/debian/patches/02-CVE-2009-0790.dpatch +++ /dev/null @@ -1,31 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run - -@DPATCH@ -diff -urN strongswan-4.2.13/src/pluto/ipsec_doi.c strongswan-4.2.13-patched/src/pluto/ipsec_doi.c ---- strongswan-4.2.13/src/pluto/ipsec_doi.c 2009-03-21 09:41:49.000000000 +0100 -+++ strongswan-4.2.4/src/pluto/ipsec_doi.c 2009-03-21 09:50:06.000000000 +0100 -@@ -5446,9 +5446,9 @@ - time_t tm = now(); - u_int32_t seqno; - -- if (!IS_ISAKMP_SA_ESTABLISHED(st->st_state)) -+ if (!st || !IS_ISAKMP_SA_ESTABLISHED(st->st_state)) - { -- loglog(RC_LOG_SERIOUS, "DPD: Received R_U_THERE for unestablished ISKAMP SA"); -+ loglog(RC_LOG_SERIOUS, "DPD: Received R_U_THERE for unestablished ISAKMP SA"); - return STF_IGNORE; - } - if (n->isan_spisize != COOKIE_SIZE * 2 || pbs_left(pbs) < COOKIE_SIZE * 2) -@@ -5516,10 +5516,10 @@ - { - u_int32_t seqno; - -- if (!IS_ISAKMP_SA_ESTABLISHED(st->st_state)) -+ if (!st || !IS_ISAKMP_SA_ESTABLISHED(st->st_state)) - { - loglog(RC_LOG_SERIOUS -- , "DPD: Received R_U_THERE_ACK for unestablished ISKAMP SA"); -+ , "DPD: Received R_U_THERE_ACK for unestablished ISAKMP SA"); - return STF_FAIL; - } - diff --git a/debian/rules b/debian/rules index d5f60230d..7e110ce65 100755 --- a/debian/rules +++ b/debian/rules @@ -44,10 +44,10 @@ endif patch: dh_testdir - dpatch apply-all + #dpatch apply-all unpatch: - dpatch deapply-all + #dpatch deapply-all build: build-stamp build-stamp: patch |