Package "strongswan"

Name:	strongswan
Description:	IPsec VPN solution metapackage
Latest version:	5.8.2-1ubuntu3.4
Release:	focal (20.04)
Level:	security
Repository:	main
Homepage:	http://www.strongswan.org

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "strongswan"

All arch deb package

APT INSTALL

Other versions of "strongswan" in Focal

Repository	Area	Version
base	universe	5.8.2-1ubuntu3
base	main	5.8.2-1ubuntu3
security	universe	5.8.2-1ubuntu3.4
updates	main	5.8.2-1ubuntu3.4
updates	universe	5.8.2-1ubuntu3.4

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 5.8.2-1ubuntu3.4 2022-01-24 19:07:24 UTC

Version: 5.8.2-1ubuntu3.4	2022-01-24 19:07:24 UTC
strongswan (5.8.2-1ubuntu3.4) focal-security; urgency=medium * SECURITY UPDATE: Incorrect Handling of Early EAP-Success Messages - debian/patches/CVE-2021-45079.patch: enforce failure if MSK generation fails in src/libcharon/plugins/eap_gtc/eap_gtc.c, src/libcharon/plugins/eap_md5/eap_md5.c, src/libcharon/plugins/eap_radius/eap_radius.c, src/libcharon/sa/eap/eap_method.h, src/libcharon/sa/ikev2/authenticators/eap_authenticator.c. - CVE-2021-45079 -- Marc Deslauriers <email address hidden> Tue, 11 Jan 2022 07:10:45 -0500
Source diff to previous version

strongswan (5.8.2-1ubuntu3.4) focal-security; urgency=medium * SECURITY UPDATE: Incorrect Handling of Early EAP-Success Messages - debian/patches/CVE-2021-45079.patch: enforce failure if MSK generation fails in src/libcharon/plugins/eap_gtc/eap_gtc.c, src/libcharon/plugins/eap_md5/eap_md5.c, src/libcharon/plugins/eap_radius/eap_radius.c, src/libcharon/sa/eap/eap_method.h, src/libcharon/sa/ikev2/authenticators/eap_authenticator.c. - CVE-2021-45079 -- Marc Deslauriers <email address hidden> Tue, 11 Jan 2022 07:10:45 -0500

Source diff to previous version

Version: 5.8.2-1ubuntu3.3 2021-10-19 11:06:26 UTC

strongswan (5.8.2-1ubuntu3.3) focal-security; urgency=medium * SECURITY UPDATE: Integer Overflow in gmp Plugin - debian/patches/CVE-2021-41990.patch: reject RSASSA-PSS params with negative salt length in src/libstrongswan/credentials/keys/signature_params.c, src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c. - CVE-2021-41990 * SECURITY UPDATE: Integer Overflow When Replacing Certificates in Cache - debian/patches/CVE-2021-41991.patch: prevent crash due to integer overflow/sign change in src/libstrongswan/credentials/sets/cert_cache.c. - CVE-2021-41991 -- Marc Deslauriers <email address hidden> Tue, 12 Oct 2021 13:22:57 -0400

CVE-2021-41990	The gmp plugin in strongSwan before 5.9.4 has a remote integer overflo ...
CVE-2021-41991	The in-memory certificate cache in strongSwan before 5.9.4 has a remot ...

About - Send Feedback to @ubuntu_updates

Package "strongswan"

Links

Download "strongswan"

Other versions of "strongswan" in Focal

Packages in group

Changelog

Tweets

Share this page

Bookmarks

Latest updates

proposed

PPA updates