Gentoo Linux Security Advisory 202405-8 - Multiple vulnerabilities have been discovered in strongSwan, the worst of which could possibly lead to remote code execution. Versions greater than or equal to 5.9.10 are affected.
252872e18b5fec9db43d123978774d36b127f4f73771b1c8db65f408c79c70f0
Debian Linux Security Advisory 5249-1 - Lahav Schlesinger discovered a vulnerability in the revocation plugin of strongSwan, an IKE/IPsec suite.
001ab0bf44e202413c681162d6a7d7fcf47fe3d1980576d2c2a32989a5ee3e3a
Ubuntu Security Notice 5651-2 - USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.
759a27511c8f487803c7aa104783c2c246c6fddf62edc3b8d14f204cff8a093e
Ubuntu Security Notice 5651-1 - Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.
307727d9f9df8f35a12cad1acef25cb191f668ed5401e4156a8ff7369ecdc831