Mail archive
alpine-aports

[alpine-aports] [PATCH 3.1-stable] main/strongswan: security fix CVE-2015-8023

From: Christian Kampka <christian_at_kampka.net>
Date: Wed, 2 Dec 2015 21:12:35 +0100

fixes #4878
---
 main/strongswan/APKBUILD            |  6 +++++-
 main/strongswan/CVE-2015-8023.patch | 34 ++++++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 main/strongswan/CVE-2015-8023.patch
diff --git a/main/strongswan/APKBUILD b/main/strongswan/APKBUILD
index 26c649f..5e72ff1 100644
--- a/main/strongswan/APKBUILD
+++ b/main/strongswan/APKBUILD
_at_@ -2,7 +2,7 @@
 # Maintainer: Natanael Copa <ncopa_at_alpinelinux.org>
 pkgname=strongswan
 pkgver=5.2.2
-pkgrel=0
+pkgrel=1
 pkgdesc="IPsec-based VPN solution focused on security and ease of use, supporting IKEv1/IKEv2 and MOBIKE"
 url="http://www.strongswan.org/"
 arch="all"
_at_@ -13,6 +13,7 @@ makedepends="$depends_dev"
 install=""
 subpackages="$pkgname-doc"
 source="http://download.strongswan.org/$pkgname-$pkgver.tar.bz2
+	CVE-2015-8023.patch
 	strongswan.initd"
 
 _builddir="$srcdir/$pkgname-$pkgver"
_at_@ -91,8 +92,11 @@ package() {
 }
 
 md5sums="7ee1a33060b2bde35be0f6d78a1d26d0  strongswan-5.2.2.tar.bz2
+ad2433a351cf491f60f587d4895b0ad2  CVE-2015-8023.patch
 fb9822512d02f521af8812db22a5175e  strongswan.initd"
 sha256sums="cf2fbfdf200a5eced796f00dc11fea67ce477d38c54d5f073ac6c51618b172f4  strongswan-5.2.2.tar.bz2
+a3ed08c7fc2a7d5876109b9c561e0412b917708921a966a9c79de62db10a9881  CVE-2015-8023.patch
 e4add8941d545930bba43d7d3af302bc436d7c0264a2796480226567e2b12e54  strongswan.initd"
 sha512sums="80ae5551d16e8ddcff71426c1ec996388f32cec8a027f722e8f5151cdd67f09d65705a702ff8c3f2702dca6470e525eb2af2459f7ced9d5923570a331491d534  strongswan-5.2.2.tar.bz2
+c4306f57a24563c4c8fd9d6d7c4bf579433d0b98462058b811265cc918a44e105d4ac08d830d025fcff1d43dcc96f8eb3c3651d2ee50978586fa2f9f0087a99b  CVE-2015-8023.patch
 2f2936865e494a9454329867acfb71ca323f90dec526a97f7d0c18422deb54205f81f9f592ed6c3b474fe5e954ebcb90eed0311e52fa3a86a982d80ba9a45be8  strongswan.initd"
diff --git a/main/strongswan/CVE-2015-8023.patch b/main/strongswan/CVE-2015-8023.patch
new file mode 100644
index 0000000..e519a1f
--- /dev/null
+++ b/main/strongswan/CVE-2015-8023.patch
_at_@ -0,0 +1,34 @@
+From 91762f11e223e33b82182150d7c4cf7c2ec3cefa Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias_at_strongswan.org>
+Date: Thu, 29 Oct 2015 11:18:27 +0100
+Subject: [PATCH] eap-mschapv2: Only succeed authentication if MSK was
+ established
+
+An MSK is only established if the client successfully authenticated
+itself and only then must we accept an MSCHAPV2_SUCCESS message.
+
+Fixes CVE-2015-8023
+---
+ src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
+index f7f39f9841d2..931e3c41dde4 100644
+--- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
++++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
+_at_@ -1145,7 +1145,11 @@ METHOD(eap_method_t, process_server, status_t,
+ 		}
+ 		case MSCHAPV2_SUCCESS:
+ 		{
+-			return SUCCESS;
++			if (this->msk.ptr)
++			{
++				return SUCCESS;
++			}
++			break;
+ 		}
+ 		case MSCHAPV2_FAILURE:
+ 		{
+-- 
+1.9.1
+
-- 
2.6.2
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Wed Dec 02 2015 - 21:12:35 GMT