From: Wang Mingyu <[email protected]> Changelog: =========== - CVE-2026-35328 - Fixed a vulnerability in libtls related to the processing of the supported_versions extension in TLS that can result in an infinite loop. - CVE-2026-35329 - Fixed a vulnerability in libstrongswan and the pkcs7 plugin related to the processing of encrypted PKCS#7 containers that can result in a crash. - CVE-2026-35330 - Fixed a vulnerability in in libsimaka related to the processing of certain EAP-SIM/AKA attributes that can result in an infinite loop or a heap-based buffer overflow and potentially remote code execution. - CVE-2026-35331 - Fixed a vulnerability in the constraints plugin related to the processing of X.509 name constraints that can allow authentication with certificates that violate the constraints. - CVE-2026-35332 - Fixed a vulnerability in libtls related to the processing of ECDH public values in TLS < 1.3 that can result in a crash. - CVE-2026-35333 - Fixed a vulnerability in libradius related to the processing of RADIUS attributes that can result in an infinite loop or an out-of-bounds read that may cause a crash. - CVE-2026-35334 - Fixed a vulnerability in the gmp plugin related to RSA decryption that can result in a crash. - Made the Botan RNG types used/provided by the botan plugin configurable. - The fix for the vulnerability in the constraints plugin now causes all certificates that contain excluded name constraints of type directoryName (DN) to get rejected.
Signed-off-by: Wang Mingyu <[email protected]> Signed-off-by: Khem Raj <[email protected]> (cherry picked from commit b05b177ae5473395ab2fe6f341c0efd129dcfb68) Signed-off-by: Anuj Mittal <[email protected]> --- .../strongswan/{strongswan_6.0.5.bb => strongswan_6.0.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/strongswan/{strongswan_6.0.5.bb => strongswan_6.0.6.bb} (99%) diff --git a/meta-networking/recipes-support/strongswan/strongswan_6.0.5.bb b/meta-networking/recipes-support/strongswan/strongswan_6.0.6.bb similarity index 99% rename from meta-networking/recipes-support/strongswan/strongswan_6.0.5.bb rename to meta-networking/recipes-support/strongswan/strongswan_6.0.6.bb index 405080070c..daa6552899 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_6.0.5.bb +++ b/meta-networking/recipes-support/strongswan/strongswan_6.0.6.bb @@ -10,7 +10,7 @@ DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', SRC_URI = "https://download.strongswan.org/strongswan-${PV}.tar.bz2" -SRC_URI[sha256sum] = "437460893655d6cfbc2def79d2da548cb5175b865520c507201ab2ec2e7895d9" +SRC_URI[sha256sum] = "07df7cedae56a7f3bb07e66d21a1f9f87e961db70e99184e11d3819413e4f87c" UPSTREAM_CHECK_REGEX = "strongswan-(?P<pver>\d+(\.\d+)+)\.tar" -- 2.53.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#127024): https://lists.openembedded.org/g/openembedded-devel/message/127024 Mute This Topic: https://lists.openembedded.org/mt/119355192/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
