Release and vulnerability announcements for strongSwan

strongSwan 5.7.1 Released

strongSwan 5.7.1 fixes a denial-of-service vulnerability in last week's 5.7.0 release and the patch for the vulnerability that was fixed with it.

Denial-of-Service Vulnerability in the gmp Plugin (CVE-2018-17540)

A denial-of-service vulnerability in the gmp plugin was fixed. It's caused by the patch that fixes CVE-2018-16151/2, so any strongSwan version with that patch applied is also affected.

More information is provided in a separate blog entry.

This release does not contain any other changes. Please refer to last week's announcement of 5.7.0 for new features and other fixes.


Download Complete Changelog