
strongSwan Vulnerability (CVE-2022-40617)

A vulnerability related to online certificate revocation checking was discovered in strongSwan that can lead to a denial-of-service attack. All versions may be affected.

strongSwan Vulnerability (CVE-2021-45079)

A vulnerability in the EAP client implementation was discovered in strongSwan. All versions since 4.1.2 are affected.

strongSwan Vulnerability (CVE-2021-41991)

A denial-of-service vulnerability in the in-memory certificate cache was discovered in strongSwan. All versions since 4.2.10 are affected.

strongSwan Vulnerability (CVE-2018-16151, CVE-2018-16152)

A potential authorization bypass vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected in certain configurations.

strongSwan Vulnerability (CVE-2018-10811)

A denial-of-service vulnerability in the IKEv2 key derivation was discovered in strongSwan. It applies if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF. All versions since 5.0.1 may be affected.

strongSwan Vulnerability (CVE-2018-5388)

A denial-of-service vulnerability in the stroke plugin was discovered in strongSwan. All versions are affected in certain configurations.

strongSwan Vulnerability (CVE-2017-11185)

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected.

strongSwan Vulnerability (CVE-2017-9022)

A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions since 4.4.0 are affected.

strongSwan Vulnerability (CVE-2017-9023)

A denial-of-service vulnerability in the x509 plugin was discovered in strongSwan. All versions are affected.

strongSwan 5.5.3 Released

We are happy to announce the release of strongSwan 5.5.3, which avoids traffic loss during IKEv2 CHILD_SA rekeying, runs on the ARM64 iOS platform, and fixes two vulnerabilities and several other issues.