[Announce] ANNOUNCE: strongswan-2.8.11 and strongswan-4.2.17 released

Andreas Steffen andreas.steffen at strongswan.org
Thu Jul 23 14:28:19 CEST 2009


the RDN parser vulnerability discovered by Orange Labs research team
two months ago was not completely fixed by the security patch


Some more modifications had to be applied to the asn1_length() function
to make it really robust. These modifications are available as a
patch for all strongSwan versions:


This fix has been integrated into the latest strongSwan releases 2.8.11,
4.2.17, and 4.3.3 available from http://download.strongswan.org/

Best regards


Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Announce mailing list