[strongSwan] ANNOUNCE: strongswan-4.4.1 released
Thomas Jarosch
thomas.jarosch at intra2net.com
Mon Aug 2 16:47:35 CEST 2010
Hello,
On Monday, 2. August 2010 16:14:51 Andreas Steffen wrote:
> - snprintf vulnerability
> ----------------------
>
> A potential remote code execution vulnerability resulting from
> the misuse of snprintf() was fixed. The vulnerability was
> introduced with the strongswan-4.3.3 release and is exploitable
> by unauthenticated users. Patches for all releases starting with
> 4.3.3 are available under the following link:
>
> http://download.strongswan.org/patches/08_snprintf_patch/
>
> Also a new 4.3.7 release has been made available for 4.3.x users
Whoops. Thanks for providing the patches! Testing 4.3.7 right now.
Best regards,
Thomas Jarosch
More information about the Users
mailing list