Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 39: FEDORA-2024-07c9cfd337 Critical: Libreswan IKEv1 Crash Issue

Update to 4.15 for CVE-2024-3652. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-07c9cfd337 2024-07-01 01:33:14.869106 -------------------------------------------------------------------------------- Name : libreswan Product : Fedora 39 Version : 4.15 Release : 1.fc39 URL : https://libreswan.org/ Summary : Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec Description : Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. Libreswan also supports IKEv2 (RFC7296) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04 -------------------------------------------------------------------------------- Update Information: Update to 4.15 for CVE-2024-3652 -------------------------------------------------------------------------------- ChangeLog: * Sat Jun 22 2024 Paul Wouters - 4.15-1 - Update libreswan to 4.15 for CVE-2024-3652 - Resolves rhbz#2274448 CVE-2024-3652 libreswan: IKEv1 default AH/ESP responder can crash and restart - Allow "ipsec import" to try importing PKCS#12 non-interactively if there is no password -------------------------------------------------------------------------------- References: [ 1 ] Bug #2274448 - CVE-2024-3652 libreswan: IKEv1 default AH/ESP responder can crash and restart https://bugzilla.redhat.com/show_bug.cgi?id=2274448 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-07c9cfd337' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . The newest Fedora security advisory, FEDORA-2024-07c9cfd337, details essential updates for libreswan due to vulnerability CVE-2024-3652, urging immediate system upgrades for security.. Fedora Libreswan Update, CVE-2024-3652 Patch, Network Security Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 01, 2024 Critical Fedora
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysoftware updatesecurity fix

RedHat: RHSA-2023-3107-01 Important: Libreswan Security Issue

An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: libreswan security update Advisory ID: RHSA-2023:3107-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:3107 Issue date: 2023-05-16 CVE Names: CVE-2023-2295 ==================================================================== 1. Summary: An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). Security Fix(es): * libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux (CVE-2023-2295) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2189777 - CVE-2023-2295 libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: libreswan-4.9-3.el8_8.src.rpm aarch64: libreswan-4.9-3.el8_8.aarch64.rpm libreswan-debuginfo-4.9-3.el8_8.aarch64.rpm libreswan-debugsource-4.9-3.el8_8.aarch64.rpm ppc64le: libreswan-4.9-3.el8_8.ppc64le.rpm libreswan-debuginfo-4.9-3.el8_8.ppc64le.rpm libreswan-debugsource-4.9-3.el8_8.ppc64le.rpm s390x: libreswan-4.9-3.el8_8.s390x.rpm libreswan-debuginfo-4.9-3.el8_8.s390x.rpm libreswan-debugsource-4.9-3.el8_8.s390x.rpm x86_64: libreswan-4.9-3.el8_8.x86_64.rpm libreswan-debuginfo-4.9-3.el8_8.x86_64.rpm libreswan-debugsource-4.9-3.el8_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-2295 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBZGNw7NzjgjWX9erEAQhsLw/+K4siA4IKnQcBkNbXliG7E945Xtz06UzM ivJRQCyq/dCKpurBCZCKRRH44vproW9A7zTW1M/VEL3Vj0aODuKzLlDHPW7t9ORl 1499qUx7B0kRgukZ59mDqokhc+WVgguzole99I9n+gDsvw6rgbk1dvnHlvlFcYCD SsHiC8Mn7gJ7QAixDWhlToSj8YX0TNcQkAUCZc45CkCkHlyOAKsMSafYZUWt9ms3 JfrJgRZgMNjHeGC/Qbx1nOJ2+JzrZLyw9LbVs6p7B1ei/eExfyWJWGTUUJ8xpqew 6+uECtKiPTuu4T8d8BDaeuz3FWn8CX9AhKZctVJEMM8xJj+Iy4QoAcWeWcD89oY/ X3nh8HfTJje88bcjlLfuhuDDAVwVw7mt2+cijEj07yfmIpOAhQUXz0op6ohauupb ViPXNxXxTgqSNYP9apduMpGC+SgoyIm0nacGWwKFyW16bviBdwb/UxfStk4Vj1Q4 9LBSRgb2Gf1J9w1vwlzadpR6IYnJfWnNnSt8iWmRl3xnokJ5Pkqg7S6VGHSgzFxK LRVFG7c/rFUnPPSr2iuQ9+E7WuEXGuo4s+QL3qpxPX5N8IxWy870lIndOdna9VWg ec1YY8vtO3leiUlh9imiXVtbHdOxk1sHiNTgvSOjk98IEarq9dl9LH4h5CN/I4I9 cMCvlKi2kfI=uuAs -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A critical patch for libreswan has been released, classified as Significant for Red Hat Enterprise Linux 8 clients.. libreswan update, Red Hat security advisory, security impact, Linux IPsec, important security update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 16, 2023 Important Red Hat
Banner 1 1028x280 1708121660 1771599717
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryupdatered hat

Red Hat 8 RHSA-2023-2122-01 Critical: Libreswan IKEv1 Crash

An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: libreswan security update Advisory ID: RHSA-2023:2122-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:2122 Issue date: 2023-05-04 CVE Names: CVE-2023-30570 ==================================================================== 1. Summary: An update for libreswan is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network (VPN). Security Fix(es): * libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan (CVE-2023-30570) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2187165 - CVE-2023-30570 libreswan: Malicious IKEv1 Aggressive Mode packets can crash libreswan 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: libreswan-4.5-1.el8_7.1.src.rpm aarch64: libreswan-4.5-1.el8_7.1.aarch64.rpm libreswan-debuginfo-4.5-1.el8_7.1.aarch64.rpm libreswan-debugsource-4.5-1.el8_7.1.aarch64.rpm ppc64le: libreswan-4.5-1.el8_7.1.ppc64le.rpm libreswan-debuginfo-4.5-1.el8_7.1.ppc64le.rpm libreswan-debugsource-4.5-1.el8_7.1.ppc64le.rpm s390x: libreswan-4.5-1.el8_7.1.s390x.rpm libreswan-debuginfo-4.5-1.el8_7.1.s390x.rpm libreswan-debugsource-4.5-1.el8_7.1.s390x.rpm x86_64: libreswan-4.5-1.el8_7.1.x86_64.rpm libreswan-debuginfo-4.5-1.el8_7.1.x86_64.rpm libreswan-debugsource-4.5-1.el8_7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-30570 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBZFPxRtzjgjWX9erEAQhhfg//TTU38fheR5fVc6p5nEKxwiHftOPseOy8 KMU1RMuY3Abkrf324SSd8Vv/Iv9JLoii6dJgtU6WuE/XOXnCwt8p8DNEeSQjnB98 AP7Z+POV+Edqcq2escBnzxrg6MCKDIdQqW/MoG2x6ANgwlJolwOS9G8rej8Blukg 2+r41Je6u82ea85rQ4Pe7vzGKjQNKb7sHKLa4qV+M5rzCjJcraxKTyFZ+DNEMCf1 xf2Q43qlhg61Mu+hy4YVK/y/HOaXUWnl5Z+U3BWKCjhOE6jrtLSG5tyPxCH05JWH 44wo7M+z9xp5yts5jNYsJfVn/EFvqu0iNW3SY/Tf0E6IrGEuPM2VzlDz44TrYJeq dEomw3DkyqEujx0jeNmlEj6cQ/0vs4dUq3nGXlhf6oUBavLURU2JZbwlL6MsaI5y ANuDm4PTMHRtMd+koE9qh88Wngbsv5tA3iFKM3jhiauA/3Uhiee/sbMJjVMMY5Xr 8JmqLpE1rMFCnv8nftlAZEDl8ghvLTyR1mMeipHu43xyRl5PU3eapa7A/9y+0zDS M990JXsCG6+6nM6aRhZ3880OehVY63em/Tp5qtw6jTvv182kkt0GqgUlzesQ4gXJ 6PVp0slun35q6DyvyVUTGBer50qWyioiydbSdcxK3TGnVtdtjWJdriFKlP6ibuqA 4DagD9d6oxE=lswb -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical libreswan security patch issued for Red Hat Enterprise Linux 8, resolving an IKEv1 stability problem.. Red Hat Security, Libreswan Update, Linux Security Patch, IKEv1 Vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 04, 2023 Important Red Hat
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicesecurity issue

Debian: DSA-5368-1 Moderate: Libreswan Denial Of Service Advisory

It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via malformed IKEv2 packets after peer authentication, resulting in denial of service. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5368-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso March 03, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libreswan CVE ID : CVE-2023-23009 Debian Bug : 1031821 It was discovered that the libreswan IPsec implementation could be forced into a crash/restart via malformed IKEv2 packets after peer authentication, resulting in denial of service. For the stable distribution (bullseye), this problem has been fixed in version 4.3-1+deb11u3. We recommend that you upgrade your libreswan packages. For the detailed security status of libreswan please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/libreswan Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Explore the security report DSA-5472-2 concerning libreswan's VPN setup and its potential availability risk.. Libreswan Denial Of Service, Debian Security Advisory, IPsec Update. . LinuxSecurity.com Team

Calendar 2 Mar 03, 2023 Debian
Banner 1 1028x280 1708121660 1771599717
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydenial of servicecritical

Debian: DLA-3143-1 Critical: Strongswan DoS Update and Mitigation

It was discovered that there was a potential denial of service vulnerability in strongswan, an IPsec VPN solution. Strongswan could have queried URLs with untrusted certificates, and . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3143-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb October 10, 2022 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : strongswan Version : 5.7.2-1+deb10u3 CVE ID : CVE-2022-40617 Debian Bug : #1021271 It was discovered that there was a potential denial of service vulnerability in strongswan, an IPsec VPN solution. Strongswan could have queried URLs with untrusted certificates, and this could potentially lead to a DoS attack by blocking the fetcher thread. For Debian 10 buster, this problem has been fixed in version 5.7.2-1+deb10u3. We recommend that you upgrade your strongswan packages. For the detailed security status of strongswan please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/strongswan Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Security notice DLA-3143-1 pertaining to strongswan tackles potential denial of service vulnerabilities; suggested enhancements are now accessible for Debian users.. Debian Security, Strongswan Update, DoS Threat, IPsec VPN. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 10, 2022 Critical Debian LTS
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydenial of servicedebian

Debian DSA-4684-1: Libreswan Critical DoS Threat Mitigated

Stephan Zeisberg discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 Informational Exchange packet, resulting in denial of service. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-4684-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso May 13, 2020 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libreswan CVE ID : CVE-2020-1763 Debian Bug : 960458 Stephan Zeisberg discovered that the libreswan IPsec implementation could be forced into a crash/restart via a malformed IKEv1 Informational Exchange packet, resulting in denial of service. For the stable distribution (buster), this problem has been fixed in version 3.27-6+deb10u1. We recommend that you upgrade your libreswan packages. For the detailed security status of libreswan please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/libreswan Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu Security Notice USN-4904-1 addresses a critical vulnerability in the apache2 package, mandating an immediate update to ensure continued protection.. libreswan Update, Debian Security, IPsec Advisory, Denial Of Service, Security Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 13, 2020 Critical Debian
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatefedora

Fedora 23: FEDORA-2016-680a5a8ead Moderate: Libreswan Security Update

Updated to 3.17 for CVE-2016-3071. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-680a5a8ead 2016-04-13 03:26:08.776348 -------------------------------------------------------------------------------- Name : libreswan Product : Fedora 23 Version : 3.17 Release : 1.fc23 URL : https://libreswan.org/ Summary : IPsec implementation with IKEv1 and IKEv2 keying protocols Description : Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. To build KLIPS, see the kmod-libreswan.spec file. Libreswan also supports IKEv2 (RFC4309) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04 -------------------------------------------------------------------------------- Update Information: Updated to 3.17 for CVE-2016-3071 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1323859 - libreswan-3.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1323859 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update libreswan' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Libreswan 3.17 for Fedora 23 tackles security vulnerability CVE-2016-3071 by providing improved IPsec safeguards along with essential updates.. Libreswan Update, IPsec Enhancement, Security Patch Notification. . LinuxSecurity.com Team

Calendar 2 Apr 13, 2016 Fedora
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryupdatecritical

Debian: DSA-3282-1 Critical: StrongSwan Authentication Flaw

Alexander E. Patrakov discovered an issue in strongSwan, an IKE/IPsec suite used to establish IPsec protected links. When an IKEv2 client authenticates the server with certificates and the . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3282-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Yves-Alexis Perez June 08, 2015 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : strongswan CVE ID : CVE-2015-4171 Alexander E. Patrakov discovered an issue in strongSwan, an IKE/IPsec suite used to establish IPsec protected links. When an IKEv2 client authenticates the server with certificates and the client authenticates itself to the server using pre-shared key or EAP, the constraints on the server certificate are only enforced by the client after all authentication steps are completed successfully. A rogue server which can authenticate using a valid certificate issued by any CA trusted by the client could trick the user into continuing the authentication, revealing the username and password digest (for EAP) or even the cleartext password (if EAP-GTC is accepted). For the oldstable distribution (wheezy), this problem has been fixed in version 4.5.2-1.5+deb7u7. For the stable distribution (jessie), this problem has been fixed in version 5.2.1-6+deb8u1. For the testing distribution (stretch), this problem has been fixed in version 5.3.1-1. For the unstable distribution (sid), this problem has been fixed in version 5.3.1-1. We recommend that you upgrade your strongswan packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. - -- Yves-Alexis Perez . Debian has issuedsecurity announcement DSA-3283-2 to resolve a vulnerability in OpenVPN. Users are urged to upgrade.. strongswan update,debian advisory,ipsec security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 08, 2015 Critical Debian
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here