Fedora 37: 2023-25800591ef Critical: StrongSwan Authorization Bypass
fedora
March 11, 2023
Update to 5.9.10 for CVE-2023-26463
Summary
The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key
exchange protocols in conjunction with the native NETKEY IPsec stack of the
Linux kernel.
Update to 5.9.10 for CVE-2023-26463
* Thu Mar 2 2023 Paul Wouters - Update to 5.9.10
* Tue Feb 28 2023 Paul Wouters - Resolves: CVE-2023-26463 authorization bypass in TLS-based EAP methods
[ 1 ] Bug #2174833 - strongswan-5.9.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2174833
su -c 'dnf upgrade --advisory FEDORA-2023-25800591ef' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Topics Covered
Change Log
References
Update Instructions
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Product: Fedora 37
Version: 5.9.10
Release: 1.fc37
Summary: An OpenSource IPsec-based VPN and TNC solution
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!