Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Ubuntu 15.04, 14.10, 14.04 LTS: 2628-1 Moderate strongSwan Vulnerability

ubuntu
Calendar Grey June 8, 2015
Dist Ubuntu Esm H88
=========================================================================Ubuntu Security Notice USN-
strongSwan could be made to expose sensitive information over the network.

Summary

strongSwan could be made to expose sensitive information over the network.

Software Description:

- strongswan: IPsec VPN solution

Details:

Alexander E. Patrakov discovered that strongSwan incorrectly handled

certain IKEv2 setups. A malicious server could possibly use this issue to

obtain user credentials.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.04:
  strongswan-ike                  5.1.2-0ubuntu5.2

Ubuntu 14.10:
  strongswan-ike                  5.1.2-0ubuntu3.3

Ubuntu 14.04 LTS:
  strongswan-ike                  5.1.2-0ubuntu2.3

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-2628-1

CVE-2015-4171

June 08, 2015

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.