Micah Anderson uploaded new packages for strongswan which fixed the following security problems: CVE-2012-2388 An authentication bypass issue was discovered by the Codenomicon CROSS project in strongSwan, an IPsec-based VPN solution. When using RSA-based setups, a missing check in the gmp plugin could allow an attacker presenting a forged signature to successfully authenticate against a strongSwan responder. For the squeeze-backports distribution the problems have been fixed in version 4.5.2-1.4~bpo60+1
Attachment:
pgp8MZoW9dOYB.pgp
Description: PGP signature