[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[BSA-073] Security Update for strongswan



Micah Anderson uploaded new packages for strongswan which fixed the
following security problems:

CVE-2012-2388

 An authentication bypass issue was discovered by the Codenomicon CROSS
 project in strongSwan, an IPsec-based VPN solution. When using
 RSA-based setups, a missing check in the gmp plugin could allow an
 attacker presenting a forged signature to successfully authenticate
 against a strongSwan responder.

For the squeeze-backports distribution the problems have been fixed in
version 4.5.2-1.4~bpo60+1



Attachment: pgpOl61o7aum9.pgp
Description: PGP signature


Reply to: