From: Wang Mingyu <[email protected]>

Changelog:
===========
- CVE-2026-35328 - Fixed a vulnerability in libtls related to the processing of
  the supported_versions extension in TLS that can result in an infinite loop.
- CVE-2026-35329 - Fixed a vulnerability in libstrongswan and the pkcs7 plugin
  related to the processing of encrypted PKCS#7 containers that can result in
  a crash.
- CVE-2026-35330 - Fixed a vulnerability in in libsimaka related to the
  processing of certain EAP-SIM/AKA attributes that can result in an infinite
  loop or a heap-based buffer overflow and potentially remote code execution.
- CVE-2026-35331 - Fixed a vulnerability in the constraints plugin related to
  the processing of X.509 name constraints that can allow authentication with
  certificates that violate the constraints.
- CVE-2026-35332 - Fixed a vulnerability in libtls related to the processing of
  ECDH public values in TLS < 1.3 that can result in a crash.
- CVE-2026-35333 - Fixed a vulnerability in libradius related to the processing
  of RADIUS attributes that can result in an infinite loop or an out-of-bounds
  read that may cause a crash.
- CVE-2026-35334 - Fixed a vulnerability in the gmp plugin related to RSA
  decryption that can result in a crash.
- Made the Botan RNG types used/provided by the botan plugin configurable.
- The fix for the vulnerability in the constraints plugin now causes all
  certificates that contain excluded name constraints of type directoryName (DN)
  to get rejected.

Signed-off-by: Wang Mingyu <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
(cherry picked from commit b05b177ae5473395ab2fe6f341c0efd129dcfb68)
Signed-off-by: Anuj Mittal <[email protected]>
---
 .../strongswan/{strongswan_6.0.5.bb => strongswan_6.0.6.bb}     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-networking/recipes-support/strongswan/{strongswan_6.0.5.bb => 
strongswan_6.0.6.bb} (99%)

diff --git a/meta-networking/recipes-support/strongswan/strongswan_6.0.5.bb 
b/meta-networking/recipes-support/strongswan/strongswan_6.0.6.bb
similarity index 99%
rename from meta-networking/recipes-support/strongswan/strongswan_6.0.5.bb
rename to meta-networking/recipes-support/strongswan/strongswan_6.0.6.bb
index 405080070c..daa6552899 100644
--- a/meta-networking/recipes-support/strongswan/strongswan_6.0.5.bb
+++ b/meta-networking/recipes-support/strongswan/strongswan_6.0.6.bb
@@ -10,7 +10,7 @@ DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 
'tpm2', '  tpm2-tss',
 
 SRC_URI = "https://download.strongswan.org/strongswan-${PV}.tar.bz2";
 
-SRC_URI[sha256sum] = 
"437460893655d6cfbc2def79d2da548cb5175b865520c507201ab2ec2e7895d9"
+SRC_URI[sha256sum] = 
"07df7cedae56a7f3bb07e66d21a1f9f87e961db70e99184e11d3819413e4f87c"
 
 UPSTREAM_CHECK_REGEX = "strongswan-(?P<pver>\d+(\.\d+)+)\.tar"
 
-- 
2.53.0

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#127024): 
https://lists.openembedded.org/g/openembedded-devel/message/127024
Mute This Topic: https://lists.openembedded.org/mt/119355192/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to