package/strongswan: annotate CVEs

author Fabrice Fontaine <fontaine.fabrice@gmail.com>

Fri, 10 Apr 2020 19:11:04 +0000 (21:11 +0200)

committer Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Fri, 10 Apr 2020 20:32:25 +0000 (22:32 +0200)
author Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fri, 10 Apr 2020 19:11:04 +0000 (21:11 +0200)
committer Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fri, 10 Apr 2020 20:32:25 +0000 (22:32 +0200)
diff --git a/package/strongswan/strongswan.mk b/package/strongswan/strongswan.mk

index 021a59cecc6e2c0a99d9d9976824e95df5ac983c..7f1752ce574d0bed255eeda8f319f01afc8eb6b7 100644 (file)
--- a/package/strongswan/strongswan.mk
+++ b/package/strongswan/strongswan.mk
@@ -43,6 +43,11 @@ STRONGSWAN_CONF_OPTS += \
         --with-imcvdir=/usr/lib/ipsec/imcvs \
         --with-dev-headers=/usr/include
  
+# strongswan-5.6.1-5.6.3_gmp-pkcs1-verify.patch
+STRONGSWAN_IGNORE_CVES += CVE-2018-16151 CVE-2018-16152
+# strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch
+STRONGSWAN_IGNORE_CVES += CVE-2018-17540
+
  ifeq ($(BR2_TOOLCHAIN_HAS_LIBATOMIC),y)
  STRONGSWAN_CONF_ENV += LIBS='-latomic'
  endif
author	Fabrice Fontaine <fontaine.fabrice@gmail.com>
	Fri, 10 Apr 2020 19:11:04 +0000 (21:11 +0200)
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>
	Fri, 10 Apr 2020 20:32:25 +0000 (22:32 +0200)