Update Info


Security update for strongswan

Type: security
Severity: important
Issued: 2019-11-25
This update for strongswan fixes the following issues:

Security issues fixed: 

- CVE-2018-5388: Fixed a buffer underflow which may allow to a remote attacker 
  with local user credentials to resource exhaustion and denial of service while 
  reading from the socket (bsc#1094462).
- CVE-2018-10811: Fixed a denial of service during  the IKEv2 key derivation if 
  the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF 
- CVE-2018-16151,CVE-2018-16152: Fixed multiple flaws in the gmp plugin which 
  might lead to authorization bypass (bsc#1107874).
- CVE-2018-17540: Fixed an improper input validation in gmp plugin (bsc#1109845).  



  • strongswan-5.6.0-4.3.2