We are happy to announce the release of strongSwan 6.0.0, which brings support for multiple classic and post-quantum key exchanges, supports ML-KEM, changes default crypto plugins, improves child rekey collision handling, and comes with several other new features and fixes.
This advisory reclassifies an old bug in our TLS library as a potential authorization bypass vulnerability in order to get the fix applied to affected distribution packages. The bug is contained in versions 5.9.2 through 5.9.5 and was fixed with 5.9.6, which was released in August 2022.
We are happy to announce the release of strongSwan 5.9.14, which brings support for the IKEv2 OCSP extensions, improves X.509 name constraints validation, adds managed configurations to the Android app, and comes with several other new features and fixes.