A denial-of-service vulnerability in the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF was discovered, all strongSwan versions since 5.0.1 may be affected.
A denial-of-service vulnerability in the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF was discovered, all strongSwan versions since 5.0.1 may be affected.
A denial-of-service vulnerability in the stroke plugin was discovered in strongSwan. All versions are affected in certain configurations.
A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected.
A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions since 4.4.0 are affected.
A denial-of-service vulnerability in the x509 plugin was discovered in strongSwan. All versions are affected.
We are proud to announce the release of strongSwan 5.4.0 which makes VICI the preferred management interface, enforces a consistent 128 bit default security strength and brings support for IKEv2 redirection.
An authentication bypass vulnerability in the eap-mschapv2 plugin was discovered in strongSwan. All versions since 4.2.12 are affected.
An information leak vulnerability that affects certain IKEv2 setups was discovered in strongSwan. All versions since 4.3.0 are affected.