Blog

Release and vulnerability announcements for strongSwan

A vulnerability in libtls related to the processing of the supported_versions extension in TLS was discovered in strongSwan that can result in an infinite loop. All versions since 5.9.2 are affected.

We are happy to announce the release of strongSwan 6.0.6, which fixes seven vulnerabilities and comes with several other improvements and fixes.

We are happy to announce the release of strongSwan 6.0.5, which fixes a vulnerability in the eap-ttls plugin, supports forwarding certain ICMP errors that don't match the negotiated traffic selectors, and comes with several other improvements and fixes.

A vulnerability in the eap-ttls plugin related to processing EAP-TTLS AVPs was discovered in strongSwan that can result in resource exhaustion or a crash. All versions since 4.5.0 are affected.