Blog

Release and vulnerability announcements for strongSwan

strongSwan Vulnerability (CVE-2018-5388)

A denial-of-service vulnerability in the stroke plugin was discovered in strongSwan. All versions are affected in certain configurations.

security fix5.6.x5.5.x5.4.x5.3.x5.2.x5.1.x5.0.x4.x

strongSwan Vulnerability (CVE-2017-11185)

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected.

security fix4.x5.0.x5.1.x5.2.x5.3.x5.4.x5.5.x

strongSwan Vulnerability (CVE-2017-9022)

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions since 4.4.0 are affected.

4.x5.0.x5.1.x5.2.x5.3.x5.4.x5.5.xsecurity fix

strongSwan Vulnerability (CVE-2017-9023)

A denial-of-service vulnerability in the x509 plugin was discovered in strongSwan. All versions are affected.

4.x5.0.x5.1.x5.2.x5.3.x5.4.x5.5.xsecurity fix

strongSwan Vulnerability (CVE-2015-8023)

An authentication bypass vulnerability in the eap-mschapv2 plugin was discovered in strongSwan. All versions since 4.2.12 are affected.

security fix5.3.x5.2.x5.1.x5.0.x4.x

strongSwan Vulnerability (CVE-2015-4171)

An information leak vulnerability that affects certain IKEv2 setups was discovered in strongSwan. All versions since 4.3.0 are affected.

security fix5.3.x5.2.x5.1.x5.0.x4.x

strongSwan Denial-of-Service Vulnerability (CVE-2014-9221)

A DoS vulnerability triggered by an IKEv2 Key Exchange payload containing DH group 1025 was discovered in strongSwan. All versions since 4.5.0 are affected.

security fix4.x5.0.x5.1.x5.2.x

strongSwan Denial-of-Service Vulnerability (CVE-2014-2891)

A DoS vulnerability triggered by crafted ID payloads was discovered in strongSwan. Versions since 4.3.3 and before 5.1.2 are affected.

security fix4.x5.0.x5.1.x
Archive
2026 2
2025 6
2024 3
2023 7
2022 7
2021 5
2020 4
2019 3
2018 10
2017 7
2016 3
2015 11
2014 6
2013 8
2012 6
Tags
release 59
security fix 29
5.0.x 26
5.9.x 25
5.1.x 23
5.3.x 22
5.2.x 19
4.x 18
5.5.x 17
5.6.x 16
5.4.x 14
5.8.x 13