[strongSwan] New strongswan version 5.2.2 + DOS fix

Noel Kuntze noel at familie-kuntze.de
Tue Jan 6 16:55:44 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello list,

As of yesterday, version 5.2.2 is available. It hasn't been anounced by the devs yet, but you can download it.
The new version includes a patch for a critical DOS vulnerability (CVE-2014-9221 and [1]).
The patch is also available on downloads.strongswan.org [2].

An extensive changelog is at [3].

I advise to patch your installationsor upgrade to 5.2.2 ASAP.

I do not know why the devs did not anounce it already, as it's already visible on strongswan.org.

[1] https://www.strongswan.org/blog/2015/01/05/strongswan-denial-of-service-vulnerability-(cve-2014-9221).html
[2] https://download.strongswan.org/patches/17_modp_custom_patch/
[3] https://wiki.strongswan.org/projects/strongswan/wiki/Changelog52

- -- 

Mit freundlichen Grüßen/Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIbBAEBCAAGBQJUrAV9AAoJEDg5KY9j7GZYfkMP+OXjAP/Na918/ef8X3ipZbKQ
2tpt7bYPIdhG06SItzUEqVKpsrvvIBlhMrvMozYqz28xiiRYxBoWd8wfgrMudhl1
4AgpbIWI5adQZPa+sP4sGw4H3RbjPrDgv3Q1QLDgbX3r+9yCEtKnbh12Z5NJGi5B
rffkrchWPVezIEKiU4blroatT9NxOBQUPhWKESoxz2JaRgUj1yBhybLLmx3VUkKH
gnxQqNvn3FxnU1zQGPk9ZU7K3cIpDBWFVp21OsztTh/4n2VSQ1eQ1Dfm2fzb4VBO
StcL9pghIq3uHUNihqVh4NnALSzdHOrXUNPVd9TvoVZ+QRO6jbeVZNF//iEaHb3w
GG/opiCXVzwIw7BEVJHLxlnWaTbpA5vXrd/aQGOKBROmUn/QEDDc7MThWFRTM/88
SInHMYrTqjkqsgalC3cDmpYEhevaeU1a8O2FBCkXjLkSqVu7ViiK+4wj7AuX3fjW
Dr/uugRoun8Ah789lJ9KTyrPx8hT6BRw6iaKlvwNdzBeg7VCyrCZapzg7+ugRADd
lcfm02Lucr3Z8rFIYLa0LDcppJcIPmppWDcRzwQKvQ+azfxbdTKaGPpMIc0b25sk
pPrJ7T+2whHYIAp4HXLL0Gy0eyHZmAO2OE2uCVEcmgCACVzQht5M6Dl3h+XJOICE
MrCd7VsMvPQF6RnSUv0=
=ptXW
-----END PGP SIGNATURE-----




More information about the Users mailing list