strongSwan - Design by Margo Galas <galas (at) solnet (dot) ch>

Main Sponsors

secunet

secunet

revosec

Hochschule für Technik Rapperswil

strongSwan 5.7.2 Released

We are happy to announce the release of strongSwan 5.7.2, which brings automatic signature scheme selection for TPM 2.0, updates for RADIUS and crypto plugins, dynamic paths for swanctl, and several other new features and fixes.

strongSwan 5.7.1 Released

strongSwan 5.7.1 fixes a denial-of-service vulnerability in last week's 5.7.0 release and the patch for the vulnerability that was fixed with it.

strongSwan 5.7.0 Released

We are happy to announce the release of strongSwan 5.7.0, which brings support for SWIMA for PA-TNC, swanctl.conf/strongswan.conf syntax changes, a Botan crypto library plugin, support for Postquantum Preshared Keys for IKEv2, fixes a potential authorization bypass vulnerability, and comes with several other new features and fixes.

strongSwan 5.6.3 Released

We are happy to announce the release of strongSwan 5.6.3, which improves certificate chain validation, updates the DHCP plugin, allows forcing the local termination of IKE_SAs, supports trap policies with virtual IPs, and fixes two potential DoS vulnerabilities and several other issues.

strongSwan 5.6.2 Released

We are happy to announce the release of strongSwan 5.6.2 which includes rekeying and MOBIKE improvements, supports accessing certificates in a TPM 2.0, and fixes a DoS vulnerability and several other issues.

strongSwan 5.6.1 Released

We are happy to announce the release of strongSwan 5.6.1 which removes deprecated algorithms from default proposals, supports RSASSA-PSS signatures, and brings several other new features and fixes.

strongSwan 5.6.0 Released

We are happy to announce the release of strongSwan 5.6.0 which adds support for SWIMA for PA-TNC, brings a plugin that implements 3GPP MILENAGE in software, refines CHILD_SA rekeying and fixes a DoS vulnerability and several other issues.

strongSwan 5.5.3 Released

We are happy to announce the release of strongSwan 5.5.3 which avoids traffic loss during IKEv2 CHILD_SA rekeying, runs on the ARM64 iOS platform, and fixes two vulnerabilities and several other issues.

strongSwan 5.5.2 Released

We are happy to announce the release of strongSwan 5.5.2 which brings support for DH group 31 using Curve25519 and the Ed25519 signature algorithm for IKEv2, storing private keys on a TPM 2.0, automatic installation of bypass policies for LANs, several new features for the VICI interface and swanctl and lots of other new features and fixes.

strongSwan 5.5.1 Released

We are happy to announce the release of strongSwan 5.5.1 which brings support for the NewHope post-quantum key exchange algorithm, simplified private key handling in swanctl and pki, configurable XFRM policy hashing thresholds, improved delta CRL handling, support for NetworkManager 1.2 and several other new features and fixes.