Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 22 StrongSwan Update - DoS Threat Fix and Enhanced Security

fedora
Calendar Grey August 19, 2015
Dist Fedora Esm H88
An upgrade for strongswan in Fedora 22 resolves significant Denial of Service vulnerabilities affecting IPsec. Ensure the safety of your system by installing the update immediately.
New upstream release 5.3.2

Summary

The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key

exchange protocols in conjunction with the native NETKEY IPsec stack of the

Linux kernel.

Update Information:

New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.

Topics%20covered

Topics Covered

security advisory software update Fedora security fix DoS threat strongswan

Change Log

* Tue Jun 9 2015 Pavel Å imerda - new version 5.3.2 * Fri Jun 5 2015 Pavel Å imerda - new version 5.3.1 * Tue Mar 31 2015 Pavel Å imerda - new version 5.3.0

References


[ 1 ] Bug #1178956 - CVE-2014-9221 strongswan: denial-of-service vulnerability in libtls when processing crafted Key Exchange payload [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1178956 [ 2 ] Bug #1228819 - CVE-2015-3991 strongswan: incorrect payload processing for different IKE versions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1228819

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update strongswan' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: strongswan
Product: Fedora 22
Version: 5.3.2
Release: 1.fc22
URL: https://www.strongswan.org/
Summary: An OpenSource IPsec-based VPN and TNC solution

Topics%20covered

Topics Covered

security advisory software update Fedora security fix DoS threat strongswan

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here