Blog

Release and vulnerability announcements for strongSwan

A potential authorization bypass vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected in certain configurations.

A denial-of-service vulnerability in the IKEv2 key derivation was discovered in strongSwan. It applies if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF. All versions since 5.0.1 may be affected.

A denial-of-service vulnerability in the stroke plugin was discovered in strongSwan. All versions are affected in certain configurations.

A denial-of-service vulnerability in the parser for RSASSA-PSS signatures was discovered in strongSwan 5.6.1.

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected.

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions since 4.4.0 are affected.

A denial-of-service vulnerability in the x509 plugin was discovered in strongSwan. All versions are affected.

An authentication bypass vulnerability in the eap-mschapv2 plugin was discovered in strongSwan. All versions since 4.2.12 are affected.