[strongSwan] New strongswan version 5.2.2 + DOS fix
Noel Kuntze
noel at familie-kuntze.de
Tue Jan 6 16:55:44 CET 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello list,
As of yesterday, version 5.2.2 is available. It hasn't been anounced by the devs yet, but you can download it.
The new version includes a patch for a critical DOS vulnerability (CVE-2014-9221 and [1]).
The patch is also available on downloads.strongswan.org [2].
An extensive changelog is at [3].
I advise to patch your installationsor upgrade to 5.2.2 ASAP.
I do not know why the devs did not anounce it already, as it's already visible on strongswan.org.
[1] https://www.strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-(cve-2014-9221).html
[2] https://download.strongswan.org/patches/17_modp_custom_patch/
[3] https://wiki.strongswan.org/projects/strongswan/wiki/Changelog52
- --
Mit freundlichen Grüßen/Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIbBAEBCAAGBQJUrAV9AAoJEDg5KY9j7GZYfkMP+OXjAP/Na918/ef8X3ipZbKQ
2tpt7bYPIdhG06SItzUEqVKpsrvvIBlhMrvMozYqz28xiiRYxBoWd8wfgrMudhl1
4AgpbIWI5adQZPa+sP4sGw4H3RbjPrDgv3Q1QLDgbX3r+9yCEtKnbh12Z5NJGi5B
rffkrchWPVezIEKiU4blroatT9NxOBQUPhWKESoxz2JaRgUj1yBhybLLmx3VUkKH
gnxQqNvn3FxnU1zQGPk9ZU7K3cIpDBWFVp21OsztTh/4n2VSQ1eQ1Dfm2fzb4VBO
StcL9pghIq3uHUNihqVh4NnALSzdHOrXUNPVd9TvoVZ+QRO6jbeVZNF//iEaHb3w
GG/opiCXVzwIw7BEVJHLxlnWaTbpA5vXrd/aQGOKBROmUn/QEDDc7MThWFRTM/88
SInHMYrTqjkqsgalC3cDmpYEhevaeU1a8O2FBCkXjLkSqVu7ViiK+4wj7AuX3fjW
Dr/uugRoun8Ah789lJ9KTyrPx8hT6BRw6iaKlvwNdzBeg7VCyrCZapzg7+ugRADd
lcfm02Lucr3Z8rFIYLa0LDcppJcIPmppWDcRzwQKvQ+azfxbdTKaGPpMIc0b25sk
pPrJ7T+2whHYIAp4HXLL0Gy0eyHZmAO2OE2uCVEcmgCACVzQht5M6Dl3h+XJOICE
MrCd7VsMvPQF6RnSUv0=
=ptXW
-----END PGP SIGNATURE-----
More information about the Users
mailing list