[strongSwan] Security vulnerability
andreas.steffen at strongswan.org
Mon Jun 4 18:24:02 CEST 2012
the reported vulnerability is in the gmp plugin of strongSwan versions
4.2.0 up to 4.6.3, not in the libgmp library used by the plugin.
On 06/04/2012 05:34 PM, Yong Choo wrote:
>>If no load statement is given, the plugin configuration depends on
>>your ./configure options. If you didn't --disable-gmp explicitly, it is
>>built and used by default.
> Does this apply even if we have a different version of gmp library
> (libgmp.so.3.4.1 in /usr/lib)?
> On 6/4/2012 10:49 AM, Martin Willi wrote:
>> Hi Andreas,
>>> If the plugin gmp is in strongswan.conf not enabled, is it in use or
>> If no load statement is given, the plugin configuration depends on
>> your ./configure options. If you didn't --disable-gmp explicitly, it is
>> built and used by default.
>>> Is it possible to see all used plugins in strongswan?
>> "ipsec statusall" lists all loaded plugins of a running daemon.
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users