package/strongswan: update to 6.0.4

See here for Changes:
https://github.com/strongswan/strongswan/releases/tag/6.0.4

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Marcus: remove patch and CVE_IGNORE]
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>

package/strongswan/0001-eap_mschapv2_failure_request_len.patch

@@ -1,46 +0,0 @@
-From dda24815d148b91209ebf2d27e3a7acefe9b6435 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Thu, 9 Oct 2025 11:33:45 +0200
-Subject: [PATCH] eap-mschapv2: Fix length check for Failure Request packets on
- the client
-
-For message lengths between 6 and 8, subtracting HEADER_LEN (9) causes
-`message_len` to become negative, which is then used in calls to malloc()
-and memcpy() that both take size_t arguments, causing an integer
-underflow.
-
-For 6 and 7, the huge size requested from malloc() will fail (it exceeds
-PTRDIFF_MAX) and the returned NULL pointer will cause a segmentation
-fault in memcpy().
-
-However, for 8, the allocation is 0, which succeeds.  But then the -1
-passed to memcpy() causes a heap-based buffer overflow (and possibly a
-segmentation fault when attempting to read/write that much data).
-Fortunately, if compiled with -D_FORTIFY_SOURCE=3 (the default on e.g.
-Ubuntu), the compiler will use __memcpy_chk(), which prevents that buffer
-overflow and causes the daemon to get aborted immediately instead.
-
-Fixes: f98cdf7a4765 ("adding plugin for EAP-MS-CHAPv2")
-CVE: CVE-2025-62291
-Upstream: https://github.com/strongswan/strongswan/commit/c687ada6a6f68913651e355fd09f906893096b32
-Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
----
- src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
-index 21cc95a6a360..35faad2e0bb5 100644
---- a/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
-+++ b/src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c
-@@ -974,7 +974,7 @@ static status_t process_peer_failure(private_eap_mschapv2_t *this,
- 	data = in->get_data(in);
- 	eap = (eap_mschapv2_header_t*)data.ptr;
- 
--	if (data.len < 3) /* we want at least an error code: E=e */
-+	if (data.len < HEADER_LEN + 3) /* we want at least an error code: E=e */
- 	{
- 		DBG1(DBG_IKE, "received invalid EAP-MS-CHAPv2 message: too short");
- 		return FAILED;
--- 
-2.43.0
-

package/strongswan/strongswan.hash

@@ -1,7 +1,7 @@
-# From http://download.strongswan.org/strongswan-5.9.14.tar.bz2.md5
-md5  21ca3fc7c18456405d03b77266ba630a  strongswan-5.9.14.tar.bz2
+# From http://download.strongswan.org/strongswan-6.0.4.tar.bz2.md5
+md5  f6b78a99e95179b6a65df218d75da7ca  strongswan-6.0.4.tar.bz2
 # Calculated based on the hash above
-sha256  728027ddda4cb34c67c4cec97d3ddb8c274edfbabdaeecf7e74693b54fc33678  strongswan-5.9.14.tar.bz2
+sha256  79576bb61b9a406cea9eb73d0c565cc6254a6b6d2e7198f44758d2d7c61a7aec  strongswan-6.0.4.tar.bz2
 # Locally calculated
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
 sha256  2292e21797754548dccdef9eef6aee7584e552fbd890fa914e1de8d3577d23f0  LICENSE

package/strongswan/strongswan.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-STRONGSWAN_VERSION = 5.9.14
+STRONGSWAN_VERSION = 6.0.4
 STRONGSWAN_SOURCE = strongswan-$(STRONGSWAN_VERSION).tar.bz2
 STRONGSWAN_SITE = http://download.strongswan.org
 STRONGSWAN_LICENSE = GPL-2.0+
@@ -12,8 +12,6 @@ STRONGSWAN_LICENSE_FILES = COPYING LICENSE
 STRONGSWAN_CPE_ID_VENDOR = strongswan
 STRONGSWAN_DEPENDENCIES = host-pkgconf
 STRONGSWAN_INSTALL_STAGING = YES
-# 0001-eap_mschapv2_failure_request_len.patch
-STRONGSWAN_IGNORE_CVES += CVE-2025-62291
 STRONGSWAN_CONF_OPTS += \
 	--without-lib-prefix \
 	--enable-led \