[strongSwan] ANNOUNCE: strongSwan 5.1.0 released including fix for CVE-2013-5018
andreas.steffen at strongswan.org
Wed Aug 7 14:28:32 CEST 2013
we are happy to announce the latest stable strongSwan 5.1.0 release.
A list of the many new features can be found in the following blog
Shortly before the software release, one of our users reported a crash
of the charon daemon which we quickly identified as a Denial-of-Service
vulnerability that can be easily exploited. We decided to fix this
fault without delay and to include the patch in the 5.1.0 release.
For details refer to the separate blog entry:
If you are running a productive system with either strongSwan 5.0.3
or 5.0.4 and are using IKEv2 EAP or IKEv1 XAUTH password-based
user authentication then we urge you to either patch the source code
or update to 5.1.0. We apologize for any inconveniences.
Tobias Brunner, Martin Willi, Andreas Steffen
The strongSwan Team
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4468 bytes
Desc: S/MIME Cryptographic Signature
More information about the Users