[strongSwan] Notice regardings OpenWRT and StrongSwan

Noel Kuntze noel at familie-kuntze.de
Sun Jul 6 19:21:49 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello list,

OpenWRT did not backport the fix for CVE-2014-2338 to the 12.09 release "Attitude Adjustment".
This means, that if you're using the stable repository for the release and using StrongSwan,
you need to temporarily switch to the trunk repository to get the fixed version.

To check if you are using the stable version, check the file /etc/opkg.conf and look for the
"src/gz" line. If you are using the release repository, it looks similiar to this:
"src/gz snapshots http://downloads.openwrt.org/attitude_adjustment/12.09/HEREISYOURARCHITECTURE/generic/packages".
To change the repository, change the third argument to this: "http://downloads.openwrt.org/snapshots/trunk/HEREISYOURARCHITECTURE/packages/".

Be aware, that if you are using the trunk repository, you won't be able to download kernel modules, as the ones in the trunk repository are built for the newest kernel built.

Regards,
Noel Kuntze

- -- 
GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJTuYWtAAoJEDg5KY9j7GZYHeIP/iS6UQo73Oy2bRks1RMc/vSz
hctcOkRE2NXsXYkNMyfntC8vLdiXHDi8PXC9jcZeDwDI0RKimP8DGRCfvcSxoNL5
cRjxBICtMcopFQBH6zVB6FtUcovtt+U4UPmfRmmNp50Lm+8zUHcAOWnFW9tP410F
3ODa0zR2rbPHpoXLUSvLlmz/Z1EZgMpm5CxBXGyyvPPfGy9ed8CDR0fQdIJFrlyi
0eyL1RMKsDvW35rMb6WI+7LpLq4J+MP4Wguv9194Rhxbc/OHnRhbhUO81cAABUft
2Mq0aw7PbKAt75kaJPegmfKqpzABysKbuYATNA8T4J85sGPbZpEUpcdCrGJQxm68
YIJaxDdb73ruubSJovEYhlrItOp4Cb+tTgPBxSkdJ2tKUAoIMB3gQtb+DzWqebEX
UDqP5GmX7WgiL/MkJt4VXr1/x36ig49/23GZuep8h/iMjD5DOSzAoJ+XhR8hNS3p
0F2RRhcJb1Jv3Kh4Ldvajs4KxZo7V8CcxqCmTA53vqmpcbBLK5SHJOPUjOqzW09g
yme6/N2UmnmU9z/ZZrpe8BOfn8mfLtGS3x7YO5XeM49vKPnMddOci1N1owbgiVmz
2KvuAYV5srJr0C3b1cg2tKvEvGtPaU2mrz14mjsFN3dLojsnCGvYhOext62xbOZQ
zVS3ya6xvoDT5fK4FMzZ
=P4b/
-----END PGP SIGNATURE-----



More information about the Users mailing list