What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-5279
2015-04-02 00:25:16
--------------------------------------------------------------------------------

Name        : strongswan
Product     : Fedora 22
Version     : 5.3.2
Release     : 1.fc22
URL         : https://www.strongswan.org/
Summary     : An OpenSource IPsec-based VPN and TNC solution
Description :
The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key
exchange protocols in conjunction with the native NETKEY IPsec stack of the
Linux kernel.

--------------------------------------------------------------------------------
Update Information:

New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  9 2015 Pavel Å imerda 
- new version 5.3.2
* Fri Jun  5 2015 Pavel Å imerda 
- new version 5.3.1
* Tue Mar 31 2015 Pavel Å imerda 
- new version 5.3.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1178956 - CVE-2014-9221 strongswan: denial-of-service vulnerability in libtls when processing crafted Key Exchange payload [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1178956
  [ 2 ] Bug #1228819 - CVE-2015-3991 strongswan: incorrect payload processing for different IKE versions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1228819
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update strongswan' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Fedora 22: strongswan Security Update

August 19, 2015
New upstream release 5.3.2

Summary

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key

exchange protocols in conjunction with the native NETKEY IPsec stack of the

Linux kernel.

Update Information:

New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.

Change Log

* Tue Jun 9 2015 Pavel Å imerda - new version 5.3.2 * Fri Jun 5 2015 Pavel Å imerda - new version 5.3.1 * Tue Mar 31 2015 Pavel Å imerda - new version 5.3.0

References

[ 1 ] Bug #1178956 - CVE-2014-9221 strongswan: denial-of-service vulnerability in libtls when processing crafted Key Exchange payload [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1178956 [ 2 ] Bug #1228819 - CVE-2015-3991 strongswan: incorrect payload processing for different IKE versions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1228819

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update strongswan' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
Name : strongswan
Product : Fedora 22
Version : 5.3.2
Release : 1.fc22
URL : https://www.strongswan.org/
Summary : An OpenSource IPsec-based VPN and TNC solution

Related News

OpenSSL 3.2 Adds Support for TCP Fast Open on Linux, Argon2 KDF, and More

Nov 27, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Treat Software Release Speed as an Enabler for Security

Sep 28, 2023

OpenBSD 7.4 Released With New Hardware Support, Security Improvements

Oct 17, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo