strongSwan - Design by Margo Galas <galas (at) solnet (dot) ch>

Main Sponsors

secunet

codelabs

strongSwan Denial-of-Service Vulnerability (CVE-2014-2891)

A DoS vulnerability triggered by crafted ID payloads was discovered in strongSwan. Versions since 4.3.3 and before 5.1.2 are affected.

strongSwan Authentication Bypass Vulnerability (CVE-2014-2338)

An authentication bypass vulnerability was discovered in strongSwan. It can be triggered by rekeying an unestablished IKEv2 SA while it gets actively initiated. All versions since 4.0.7 are affected.

strongSwan Denial-of-Service Vulnerability (CVE-2013-6076)

A DoS vulnerability triggered by crafted IKEv1 fragmentation payloads was discovered in strongSwan's IKE daemon charon. All versions since 5.0.2 are affected.

strongSwan Denial-of-Service Vulnerability and Potential Authorization Bypass (CVE-2013-6075)

A DoS vulnerability and potential authorization bypass triggered by a crafted ID_DER_ASN1_DN ID payload was discovered in strongSwan. All versions since 4.3.3 are affected.

strongSwan Denial-of-Service Vulnerability (CVE-2013-5018)

A DoS vulnerability in strongSwan was discovered, which is triggered by XAuth usernames and EAP identities in versions 5.0.3 and 5.0.4.

strongSwan 5.0.4 Released (CVE-2013-2944)

strongSwan 5.0.4 fixes a security vulnerability which affects all versions since 4.3.5 if the openssl plugin is used for ECDSA signature verification.

strongSwan 5.0.3 Released

The strongSwan 5.0.3 release comes with DNSSEC-based authentication, EAP-RADIUS improvements, Trusted Key Management support and many other new features and fixes.

strongSwan 5.0.2 Released

The strongSwan 5.0.2 release brings many new and extended features.

strongSwan 5.0.1 Released

The strongSwan 5.0.1 release refines the 5.0 branch and comes with a bunch of new features.

strongSwan 5.0.0 Released

We are proud to release strongSwan 5.0.0, featuring a new IKEv1 implementation within the charon keying daemon and several other improvements.