Release and vulnerability announcements for strongSwan

secunet Acquires Rights to strongSwan Source Code

We are happy to announce that secunet, Germany's leading cybersecurity company, has acquired the rights to the strongSwan source code.

secunet, Germany's leading cybersecurity company, has acquired the intellectual property rights to the strongSwan source code. The acquisition agreement with OST Ostschweizer Fachhochschule (Eastern Switzerland University of Applied Sciences) – formerly HSR Hochschule für Technik Rapperswil (University of Applied Sciences Rapperswil) – which financed the project previously, was signed at the end of May 2022. Now the rights for the software are held by secunet.

With both of strongSwan's current maintainers, Andreas Steffen and Tobias Brunner, leaving OST in March of 2021, a long-term financial solution for the maintenance of the project had to be found. Because strongSwan already is central to the key management in the high-security solution SINA, which secunet developed on behalf of Germany's Bundesamt für Sicherheit in der Informationstechnik (BSI), and due to an excellent working relationship the maintainers developed with secunet from previous projects, the company was an obvious choice.

strongSwan continues to be distributed under the GPLv2 and can thus be studied, modified, distributed and executed by anyone (subject to the license terms of the GPLv2). In addition, existing - but also new - customers will continue to be offered non-GPL licensing (dual licensing) for most components, as well as maintenance and support contracts.

The project's website remains at, the documentation at, the repository and project management at GitHub.

"secunet has always been committed to open source software and uses it in its products and solutions", explains Dr. Kai Martius, Chief Technology Officer and member of the Management Board of secunet Security Networks AG. "Customers benefit from the transparency this provides. It also facilitates approval processes by IT security authorities such as the BSI. In line with this strategy, I am delighted we are now taking on another technology building block that fits perfectly into our portfolio."

With the IPsec implementation in the Linux kernel, secunet has already been supporting another prominent open source project for many years, which is also central to IP protection. At the beginning of 2022, secunet also joined the Open Source Business Alliance (OSBA).

Please also see the press release by secunet.