Blog

Release and vulnerability announcements for strongSwan

strongSwan Vulnerability (CVE-2018-6459)

A denial-of-service vulnerability in the parser for RSASSA-PSS signatures was discovered in strongSwan 5.6.1.

5.6.xsecurity fix

strongSwan Vulnerability (CVE-2017-11185)

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected.

security fix4.x5.0.x5.1.x5.2.x5.3.x5.4.x5.5.x

strongSwan Vulnerability (CVE-2017-9022)

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions since 4.4.0 are affected.

4.x5.0.x5.1.x5.2.x5.3.x5.4.x5.5.xsecurity fix

strongSwan Vulnerability (CVE-2017-9023)

A denial-of-service vulnerability in the x509 plugin was discovered in strongSwan. All versions are affected.

4.x5.0.x5.1.x5.2.x5.3.x5.4.x5.5.xsecurity fix

strongSwan Vulnerability (CVE-2015-8023)

An authentication bypass vulnerability in the eap-mschapv2 plugin was discovered in strongSwan. All versions since 4.2.12 are affected.

security fix5.3.x5.2.x5.1.x5.0.x4.x

strongSwan Vulnerability (CVE-2015-4171)

An information leak vulnerability that affects certain IKEv2 setups was discovered in strongSwan. All versions since 4.3.0 are affected.

security fix5.3.x5.2.x5.1.x5.0.x4.x

strongSwan Vulnerability (CVE-2015-3991)

A denial-of-service and potential remote code execution vulnerability triggered by crafted IKE messages was discovered in strongSwan. Versions 5.2.2 and 5.3.0 are affected.

security fix5.3.x5.2.x

strongSwan Denial-of-Service Vulnerability (CVE-2014-9221)

A DoS vulnerability triggered by an IKEv2 Key Exchange payload containing DH group 1025 was discovered in strongSwan. All versions since 4.5.0 are affected.

security fix4.x5.0.x5.1.x5.2.x
Archive
2023 1
2022 7
2021 5
2020 4
2019 3
2018 10
2017 7
2016 3
2015 11
2014 6
2013 8
2012 6
Tags
release 48
security fix 23
5.0.x 23
5.1.x 20
5.3.x 18
5.2.x 16
4.x 15
5.9.x 14
5.5.x 13
5.6.x 12
5.4.x 10
5.8.x 9