Blog

Release and vulnerability announcements for strongSwan

An authentication bypass vulnerability in the eap-mschapv2 plugin was discovered in strongSwan. All versions since 4.2.12 are affected.

We are happy to announce the release of strongSwan 5.3.4, which fixes a vulnerability and several other issues.

We are happy to announce the release of strongSwan 5.3.3, which brings support for the ChaCha20/Poly1305 AEAD cipher, configuration of auxiliary CA information such as CRL and OCSP URIs via VICI, and adds numerous other new features and fixes.

An information leak vulnerability that affects certain IKEv2 setups was discovered in strongSwan. All versions since 4.3.0 are affected.

We are happy to announce the release of strongSwan 5.3.2, which fixes a vulnerability and two other issues.

We are happy to announce the release of strongSwan 5.3.1, which brings AES-NI support and fixes a vulnerability and several other issues.

A denial-of-service and potential remote code execution vulnerability triggered by crafted IKE messages was discovered in strongSwan. Versions 5.2.2 and 5.3.0 are affected.

We are proud to announce the release of strongSwan 5.3.0, which brings make-before-break re-authentication for IKEv2, support for RFC 7427 signature authentication, a Python VICI interface, and numerous other new features and fixes.