Blog

Release and vulnerability announcements for strongSwan

A DoS vulnerability in strongSwan was discovered, which is triggered by XAuth usernames and EAP identities in versions 5.0.3 and 5.0.4.

strongSwan 5.0.4 fixes a security vulnerability which affects all versions since 4.3.5 if the openssl plugin is used for ECDSA signature verification.

The strongSwan 5.0.3 release comes with DNSSEC-based authentication, EAP-RADIUS improvements, Trusted Key Management support and many other new features and fixes.

The strongSwan 5.0.2 release brings many new and extended features.

The strongSwan 5.0.1 release refines the 5.0 branch and comes with a bunch of new features.

We are proud to release strongSwan 5.0.0, featuring a new IKEv1 implementation within the charon keying daemon and several other improvements.

Bye Bye Pluto!

The new strongSwan 5.0 branch combines IKEv1 and IKEv2 functionality into a single monolithic charon daemon and says bye bye to the old and weary pluto daemon.