strongSwan - Design by Margo Galas <galas (at) solnet (dot) ch>

Main Sponsors

secunet

secunet

revosec

Hochschule für Technik Rapperswil

strongSwan 5.3.0 Released

We are proud to announce the release of strongSwan 5.3.0, which brings make-before-break re-authentication for IKEv2, support for RFC 7427 signature authentication, a Python VICI interface, and numerous other new features and fixes.

strongSwan Denial-of-Service Vulnerability (CVE-2014-9221)

A DoS vulnerability triggered by an IKEv2 Key Exchange payload containing DH group 1025 was discovered in strongSwan. All versions since 4.5.0 are affected.

strongSwan 5.2.2 Released

We are happy to announce the release of strongSwan 5.2.2, which brings a new post-quantum signature scheme, identity type prefixes and fixes a DoS vulnerability and several other issues.

strongSwan 5.2.1 Released

We are proud to announce the release of strongSwan 5.2.1, which comes with support for systemd, IKEv2 fragmentation, segmentation of large PA-TNC attributes, a Ruby interface to vici and several other new features and fixes.

strongSwan 5.2.0 Released

We are proud to announce the release of strongSwan 5.2.0, which brings a native Windows port, a more flexible configuration and control interface and many other new features and fixes.

strongSwan Denial-of-Service Vulnerability (CVE-2014-2891)

A DoS vulnerability triggered by crafted ID payloads was discovered in strongSwan. Versions since 4.3.3 and before 5.1.2 are affected.

strongSwan Authentication Bypass Vulnerability (CVE-2014-2338)

An authentication bypass vulnerability was discovered in strongSwan. It can be triggered by rekeying an unestablished IKEv2 SA while it gets actively initiated. All versions since 4.0.7 are affected.

strongSwan 5.1.3 Released

strongSwan 5.1.3 fixes a security vulnerability and adds support for X.509 attribute certificates.

strongSwan 5.1.2 Released

We are happy to announce the release of strongSwan 5.1.2, which brings a new default config file layout, a post-quantum computer key exchange method and several other new features and fixes.

strongSwan Denial-of-Service Vulnerability (CVE-2013-6076)

A DoS vulnerability triggered by crafted IKEv1 fragmentation payloads was discovered in strongSwan's IKE daemon charon. All versions since 5.0.2 are affected.