Information on source package strongswan

Available versions

ReleaseVersion
jessie (security)5.2.1-6+deb8u6
stretch (security)5.5.1-4+deb9u2
buster5.6.3-1
sid5.6.3-1

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2018-5389vulnerablevulnerablevulnerablevulnerableThe Internet Key Exchange v1 main mode is vulnerable to offline ...

Resolved issues

BugDescription
CVE-2018-6459The rsa_pss_params_parse function in ...
CVE-2018-5388In stroke_socket.c in strongSwan before 5.6.3, a missing packet length ...
CVE-2018-10811strongSwan 5.6.0 and older allows Remote Denial of Service because of ...
CVE-2017-9023The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE ...
CVE-2017-9022The gmp plugin in strongSwan before 5.5.3 does not properly validate ...
CVE-2017-11185The gmp plugin in strongSwan before 5.6.0 allows remote attackers to ...
CVE-2015-8023The server implementation of the EAP-MSCHAPv2 protocol in the ...
CVE-2015-4171strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client ...
CVE-2015-3991strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial ...
CVE-2014-9221strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to ...
CVE-2014-2891strongSwan before 5.1.2 allows remote attackers to cause a denial of ...
CVE-2014-2338IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to ...
CVE-2013-6076strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a ...
CVE-2013-6075The compare_dn function in utils/identification.c in strongSwan 4.3.3 ...
CVE-2013-5018The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not ...
CVE-2013-2944strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ...
CVE-2013-2054Buffer overflow in the atodn function in strongSwan 2.0.0 through ...
CVE-2012-2388The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote ...
CVE-2010-2628The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 ...
CVE-2009-2661The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before ...
CVE-2009-2185The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, ...
CVE-2009-1958charon/sa/tasks/child_create.c in the charon daemon in strongSWAN ...
CVE-2009-1957charon/sa/ike_sa.c in the charon daemon in strongSWAN before 4.3.1 ...
CVE-2009-0790The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before ...
CVE-2008-4551strongSwan 4.2.6 and earlier allows remote attackers to cause a denial ...

Security announcements

DSA / DLADescription
DSA-4229-1strongswan - security update
DSA-4229-1strongswan - security update
DSA-3962-1strongswan - security update
DSA-3962-1strongswan - security update
DLA-1059-1strongswan - security update
DLA-973-1strongswan - security update
DSA-3866-1strongswan - security update
DLA-345-1strongswan - security update
DSA-3398-1strongswan - security update
DSA-3398-1strongswan - security update
DLA-244-1strongswan - security update
DSA-3282-1strongswan - security update
DSA-3282-1strongswan - security update
DSA-3118-1strongswan - security update
DSA-2922-1strongswan - security update
DSA-2922-1strongswan - security update
DSA-2903-1strongswan - security update
DSA-2903-1strongswan - security update
DSA-2789-1strongswan - Denial of service and authorization bypass
DSA-2789-1strongswan - Denial of service and authorization bypass
DSA-2665-1strongswan - authentication bypass
DSA-2665-1strongswan - authentication bypass
DSA-2483-1strongswan - authentication bypass
DSA-1899-1strongswan - denial of service
DSA-1899-1strongswan - denial of service
DSA-1759-1strongswan - denial of service
DSA-1759-1strongswan - denial of service

Search for package or bug name: Reporting problems