Blog

Release and vulnerability announcements for strongSwan

We are proud to announce the release of strongSwan 5.2.1, which comes with support for systemd, IKEv2 fragmentation, segmentation of large PA-TNC attributes, a Ruby interface to vici and several other new features and fixes.

We are proud to announce the release of strongSwan 5.2.0, which brings a native Windows port, a more flexible configuration and control interface and many other new features and fixes.

A DoS vulnerability triggered by crafted ID payloads was discovered in strongSwan. Versions since 4.3.3 and before 5.1.2 are affected.

An authentication bypass vulnerability was discovered in strongSwan. It can be triggered by rekeying an unestablished IKEv2 SA while it gets actively initiated. All versions since 4.0.7 are affected.

strongSwan 5.1.3 fixes a security vulnerability and adds support for X.509 attribute certificates.

We are happy to announce the release of strongSwan 5.1.2, which brings a new default config file layout, a post-quantum computer key exchange method and several other new features and fixes.