Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
aports
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Model registry
Monitor
Service Desk
Analyze
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
alpine
aports
Commits
02c51183
Commit
02c51183
authored
3 years ago
by
J0WI
Committed by
Kevin Daudt
2 years ago
Browse files
Options
Downloads
Patches
Plain Diff
community/libreswan: security upgrade to 4.6
parent
0112743b
No related branches found
No related tags found
1 merge request
!32458
[3.15] community/libreswan: security upgrade to 4.6
Pipeline
#120436
passed
2 years ago
Changes
3
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
community/libreswan/APKBUILD
+13
-13
13 additions, 13 deletions
community/libreswan/APKBUILD
community/libreswan/fix-includes.patch
+0
-11
0 additions, 11 deletions
community/libreswan/fix-includes.patch
community/libreswan/nss_compat.patch
+0
-13
0 additions, 13 deletions
community/libreswan/nss_compat.patch
with
13 additions
and
37 deletions
community/libreswan/APKBUILD
+
13
−
13
View file @
02c51183
# Contributor: Will Sinatra <wpsinatra@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname
=
libreswan
pkgver
=
4.
4
pkgrel
=
1
pkgver
=
4.
6
pkgrel
=
0
pkgdesc
=
"IPsec implementation for Linux"
url
=
"https://libreswan.org"
url
=
"https://libreswan.org
/
"
arch
=
"all"
license
=
"GPL-2.0-or-later"
depends
=
"nss-tools iproute2"
provides
=
"openswan"
options
=
"!check"
# no testsuite
makedepends
=
"bison flex coreutils bash xmlto
gmp-dev linux-pam-dev nss-dev unbound-dev libcap-ng-dev
curl-dev nspr-dev bsd-compat-headers ldns-dev
"
subpackages
=
"
$pkgname
-doc
$pkgname
-openrc"
source
=
"https://download.libreswan.org/libreswan-
$pkgver
.tar.gz
fix-includes.patch
nss_compat.patch
Makefile.inc.local"
# secfixes:
# 4.6-r0:
# - CVE-2022-23094
# 3.32-r0:
# - CVE-2020-1763
# 3.29-r0:
...
...
@@ -30,26 +31,25 @@ source="https://download.libreswan.org/libreswan-$pkgver.tar.gz
build
()
{
cp
$srcdir
/Makefile.inc.local
$builddir
make
WERROR_CFLAGS
=
""
\
IN
C_RC
DEFAULT
=
/etc/init.d
\
INC_USRLOCAL
=
/usr
\
IN
ITDIR_
DEFAULT
=
/etc/init.d
\
PREFIX
=
/usr
\
FINALBINDIR
=
/usr/libexec/ipsec
\
FINALLIBEXECDIR
=
/usr/libexec/ipsec
\
programs
}
package
()
{
make
IN
C_
MANDIR
=
share/man
\
IN
C_RC
DEFAULT
=
/etc/init.d
\
INC_USRLOCAL
=
/usr
\
make
F
IN
AL
MANDIR
=
share/man
\
IN
ITDIR_
DEFAULT
=
/etc/init.d
\
PREFIX
=
/usr
\
DESTDIR
=
"
$pkgdir
"
\
INSTCONFFLAGS
=
-m644
\
FINALBINDIR
=
/usr/libexec/ipsec
\
FINALLIBEXECDIR
=
/usr/libexec/ipsec
\
install
}
sha512sums
=
"
108b2ac7a36454c48ce448a83ddd81e72d7fbb7cf8b042116d9bd31f195cdab4ccd6311d72af7ab4cc6d054df50d30a6bfc50b56fe7cbfd35d54a68804a6678b libreswan-4.4.tar.gz
60e1560cb6716b2a281b73893582d7d0b5e17c729c22aebd448927c365efca3589a3e6bb926c03e8fba460d98d36203aa544cc3da2df4f8f804a7ba7bd31ea1c fix-includes.patch
4729de7d7c4157104574b2d6a86ae399ca92898269e4a6e0363a8ce464351b0e1011137895f5e17df23a60049bad564644cd94216e10fe426897f3fdea347328 nss_compat.patch
c1c3efd7665dee6caaf08cb5aa50fcd37c299acad4b62648284fdb04edd50ba8fc8d33a9fb210edaf2312697f8cd251f33a6b16587eb2cfefd1269b4482dd499 libreswan-4.6.tar.gz
36415fae9b6674d66b7728fbc1df4bb3c4fcb16f0bbe88ead1f23e553bb51a9deb288a8659a0050a3fb1e14c3dbb8fb8524e9ef48fb6842dc94b11b758349c58 Makefile.inc.local
"
This diff is collapsed.
Click to expand it.
community/libreswan/fix-includes.patch
deleted
100644 → 0
+
0
−
11
View file @
0112743b
--- a/include/fd.h
+++ b/include/fd.h
@@ -25,7 +25,7 @@
#define FD_H
#include <stdbool.h>
-#include <stdlib.h> /* for ssize_t */
+#include <sys/types.h> /* for ssize_t */
#include "where.h"
This diff is collapsed.
Click to expand it.
community/libreswan/nss_compat.patch
deleted
100644 → 0
+
0
−
13
View file @
0112743b
#2020/9/23 Patch is upstream, but not officially released. Should be released in libreswan 3.33+
#Description: Force NSS compatibility to allow libreswan to properly autonegotiate IKE encryption
--- a/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
+++ b/lib/libswan/ike_alg_encrypt_nss_gcm_ops.c
@@ -16,6 +16,8 @@
#include <stdio.h>
#include <stdlib.h>
+#define NSS_PKCS11_2_0_COMPAT 1
+
#include "lswlog.h"
#include "lswnss.h"
#include "prmem.h"
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment