Package "libcharon-extra-plugins"
| Name: | libcharon-extra-plugins |
| Description: | strongSwan charon library (extra plugins) |
| Latest version: | 5.9.5-2ubuntu2.6 |
| Release: | jammy (22.04) |
| Level: | updates |
| Repository: | universe |
| Head package: | strongswan |
| Homepage: | http://www.strongswan.org |
Changelog
strongswan (5.9.5-2ubuntu2.6) jammy-security; urgency=medium

  * SECURITY UPDATE: Infinite Loop When Handling Supported Versions TLS
    Extension
    - debian/patches/CVE-2026-35328.patch: prevent infinite loop if
      supported versions are too short in src/libtls/tls_server.c.
    - CVE-2026-35328
  * SECURITY UPDATE: NULL-Pointer Dereference When Processing Padding in
    PKCS#7
    - debian/patches/CVE-2026-35329.patch: avoid NULL pointer dereference
      when verifying padding in src/libstrongswan/crypto/pkcs5.c,
      src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c.
    - CVE-2026-35329
  * SECURITY UPDATE: Integer Underflow When Handling EAP-SIM/AKA Attributes
    - debian/patches/CVE-2026-35330.patch: reject zero-length EAP-SIM/AKA
      attributes in src/libsimaka/simaka_message.c.
    - CVE-2026-35330
  * SECURITY UPDATE: Accepting Certificates Violating Name Constraints
    - debian/patches/CVE-2026-35331.patch: case-insensitive matching and
      reject excluded DN name constraints in
      src/libstrongswan/plugins/constraints/constraints_validator.c,
      src/libstrongswan/tests/suites/test_certnames.c.
    - CVE-2026-35331
  * SECURITY UPDATE: NULL-Pointer Dereference When Handling ECDH Public
    Value in TLS
    - debian/patches/CVE-2026-35332.patch: only accept non-empty ECDH
      public keys with TLS < 1.3 in src/libtls/tls_server.c.
    - CVE-2026-35332
  * SECURITY UPDATE: Integer Underflow When Handling RADIUS Attributes
    - debian/patches/CVE-2026-35333.patch: reject undersized attributes in
      enumerator in src/libradius/radius_message.c.
    - CVE-2026-35333
  * SECURITY UPDATE: Possible NULL-Pointer Dereference in RSA Decryption
    - debian/patches/CVE-2026-35334.patch: avoid crash and timing leaks in
      PKCS#1 v1.5 decryption padding validation in
      src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c,
      src/libstrongswan/utils/utils.h,
      src/libstrongswan/utils/utils/constant_time.h.
    - CVE-2026-35334

 -- Marc Deslauriers <email address hidden> Fri, 17 Apr 2026 16:02:46 -0400

strongswan (5.9.5-2ubuntu2.5) jammy-security; urgency=medium

  * SECURITY UPDATE: Integer Underflow When Handling EAP-TTLS AVP
    - debian/patches/CVE-2026-25075.patch: prevent crash if AVP length
      header field is invalid in
      src/libcharon/plugins/eap_ttls/eap_ttls_avp.c.
    - CVE-2026-25075

 -- Marc Deslauriers <email address hidden> Wed, 11 Mar 2026 09:17:08 -0400

| CVE-2026-25075 | strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote att |

strongswan (5.9.5-2ubuntu2.4) jammy-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow When Handling EAP-MSCHAPv2 Failure
    Requests
    - debian/patches/CVE-2025-62291.patch: fix length check for Failure
      Request packets on the client in
      src/libcharon/plugins/eap_mschapv2/eap_mschapv2.c.
    - CVE-2025-62291

 -- Marc Deslauriers <email address hidden> Tue, 21 Oct 2025 11:06:35 -0400

strongswan (5.9.5-2ubuntu2.3) jammy-security; urgency=medium

  * SECURITY UPDATE: improper certificate validation
    - debian/patches/CVE-2022-4967.patch: enforce client/server identity
      when looking for public key in src/libtls/tls_peer.c,
      src/libtls/tls_server.c.
    - CVE-2022-4967

 -- Marc Deslauriers <email address hidden> Mon, 13 May 2024 16:16:55 +0200

| CVE-2022-4967 | strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). |

strongswan (5.9.5-2ubuntu2.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow When Handling DH Public Values
    - debian/patches/CVE-2023-41913.patch: Validate DH public key to fix
      potential buffer overflow in
      src/charon-tkm/src/tkm/tkm_diffie_hellman.c.
    - CVE-2023-41913

 -- Marc Deslauriers <email address hidden> Tue, 07 Nov 2023 11:46:10 +0200