diff --git a/fix-algparse-unknown-option-d.patch b/fix-algparse-unknown-option-d.patch deleted file mode 100644 index 3ec70f7c56431ae6b4e88a320abbc531b2d2ad4d..0000000000000000000000000000000000000000 --- a/fix-algparse-unknown-option-d.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 55e0f262c77a5f9f2d2d6b833a58b9293efcdc4b Mon Sep 17 00:00:00 2001 -From: caodongxia <315816521@qq.com> -Date: Wed, 11 Aug 2021 10:43:22 +0800 -Subject: [PATCH] fix algparse unknown option -d - ---- - programs/algparse/algparse.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/programs/algparse/algparse.c b/programs/algparse/algparse.c -index 3820d63..afd5702 100644 ---- a/programs/algparse/algparse.c -+++ b/programs/algparse/algparse.c -@@ -566,7 +566,8 @@ static void usage(void) - " -P | -nsspw | -password :\n" - " to unlock crypto database\n" - " -v --verbose: be more verbose\n" -- " -d --debug: enable debug logging\n" -+ " --debug: enable debug logging\n" -+ /* -d is reserved */ - " --impair: disable all algorithm parser checks\n" - " --ignore: ignore parser errors (or at least some)\n" - " -p1: simple parser\n" --- -2.27.0 - diff --git a/fix-shift-count-out-of-range.patch b/fix-shift-count-out-of-range.patch deleted file mode 100644 index 8364711784f868333f72791de0362b024bcec4e2..0000000000000000000000000000000000000000 --- a/fix-shift-count-out-of-range.patch +++ /dev/null @@ -1,27 +0,0 @@ -From b6e379ceb25e0b0eb852960a2fe9dcb95f85cff9 Mon Sep 17 00:00:00 2001 -From: caodongxia <315816521@qq.com> -Date: Tue, 17 Aug 2021 09:34:25 +0800 -Subject: [PATCH] fix shift count out of range - ---- - programs/auto/auto.in | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/programs/auto/auto.in b/programs/auto/auto.in -index e69bf19..4111b53 100755 ---- a/programs/auto/auto.in -+++ b/programs/auto/auto.in -@@ -113,7 +113,9 @@ do - break - ;; - esac -- shift -+ if [ $# -gt 0 ]; then -+ shift -+ fi - done - - names= --- -2.27.0 - diff --git a/libreswan-4.1.tar.gz b/libreswan-4.11.tar.gz similarity index 31% rename from libreswan-4.1.tar.gz rename to libreswan-4.11.tar.gz index 45b3509154c862e77e2a9d0a70a08c6ed3c7c66e..6229d057eef44edf00b3474c91fd3db283e8758e 100644 Binary files a/libreswan-4.1.tar.gz and b/libreswan-4.11.tar.gz differ diff --git a/libreswan.spec b/libreswan.spec index a982c3cbd124c87950d361ee055eaae6108491ff..05e043e34f1d8400faa3206e3a389e8baaab13a4 100644 --- a/libreswan.spec +++ b/libreswan.spec @@ -18,15 +18,15 @@ USE_LINUX_AUDIT=true \\\ USE_NM=true \\\ USE_SECCOMP=true \\\ - USE_XAUTHPAM=true \\\ + USE_AUTHPAM=true \\\ USE_NSS_KDF=true \\\ %{nil} Name: libreswan Summary: IKE implementation for IPsec with IKEv1 and IKEv2 support -Version: 4.1 -Release: 3 +Version: 4.11 +Release: 1 License: GPLv2 Url: https://libreswan.org/ Source0: https://download.libreswan.org/%{name}-%{version}.tar.gz @@ -35,8 +35,6 @@ Source2: https://download.libreswan.org/cavs/ikev1_psk.fax.bz2 Source3: https://download.libreswan.org/cavs/ikev2.fax.bz2 Source4: openeuler-libreswan-sysctl.conf -Patch0: fix-algparse-unknown-option-d.patch -Patch1: fix-shift-count-out-of-range.patch BuildRequires: audit-libs-devel BuildRequires: bison @@ -94,9 +92,7 @@ Summary: Help documents for libreswan Man pages and other related help documents for libreswan. %prep -%setup -q -n libreswan-%{version}%{?prever} -%patch0 -p1 -%patch1 -p1 +%autosetup -n libreswan-%{version}%{?prever} -p1 sed -i "s/-lfreebl //" mk/config.mk @@ -108,6 +104,9 @@ sed -i '/config setup/a\\t# Specifies a directory forNSS database files\n\tnssdi sed -i '/ipsec --checknss/s/$/ --nssdir \/etc\/ipsec.d/' ./initsystems/systemd/ipsec.service.in +linux_variant=`sed -n -e 's/"//g' -e 's/^ID_LIKE=//p' -e 's/^ID=//p' /etc/os-release` +sed -i "s/filter fedora/filter fedora $linux_variant/" mk/defaults/linux.mk + %build make %{?_smp_mflags} \ OPTIMIZE_CFLAGS="%{optflags}" \ @@ -182,6 +181,7 @@ certutil -N -d sql:$tmpdir --empty-password %attr(0644,root,root) %{_unitdir}/ipsec.service %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/pluto %attr(0700,root,root) %dir %{_sharedstatedir}/ipsec/nss +%config(noreplace) %{_sysconfdir}/logrotate.d/libreswan %{_sbindir}/ipsec %{_libexecdir}/ipsec @@ -191,6 +191,9 @@ certutil -N -d sql:$tmpdir --empty-password %attr(0644,root,root) %doc %{_mandir}/*/* %changelog +* Tue May 30 2023 wangkai <13474090681@163.com> - 4.11-1 +- Update to 4.11 for fix CVE-2023-30570 + * Tue Aug 17 2021 caodongxia - 4.1-3 - Fix shift count out of range