strongSwan - Design by Margo Galas <galas (at) solnet (dot) ch>

Main Sponsors

secunet

secunet

revosec

Hochschule für Technik Rapperswil

strongSwan Vulnerability (CVE-2018-16151, CVE-2018-16152)

A potential authorization bypass vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected in certain configurations.

strongSwan Vulnerability (CVE-2018-10811)

A denial-of-service vulnerability in the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF was discovered, all strongSwan versions since 5.0.1 may be affected.

strongSwan Vulnerability (CVE-2018-5388)

A denial-of-service vulnerability in the stroke plugin was discovered in strongSwan. All versions are affected in certain configurations.

strongSwan Vulnerability (CVE-2017-11185)

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected.

strongSwan Vulnerability (CVE-2017-9022)

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions since 4.4.0 are affected.

strongSwan Vulnerability (CVE-2017-9023)

A denial-of-service vulnerability in the x509 plugin was discovered in strongSwan. All versions are affected.

strongSwan 5.3.5 Released

We are happy to announce the release of strongSwan 5.3.5, which fixes a regression in 5.3.4.

strongSwan 5.3.4 Released

We are happy to announce the release of strongSwan 5.3.4, which fixes a vulnerability and several other issues.

strongSwan Vulnerability (CVE-2015-8023)

An authentication bypass vulnerability in the eap-mschapv2 plugin was discovered in strongSwan. All versions since 4.2.12 are affected.

strongSwan 5.3.3 Released

We are happy to announce the release of strongSwan 5.3.3, which brings support for the ChaCha20/Poly1305 AEAD cipher, configuration of auxiliary CA information such as CRL and OCSP URIs via VICI, and adds numerous other new features and fixes.