strongswan-5.6.0-1.ip3 Release build
IPsec (IKEv1 + IKEv2) implementation for Linux.



strongswan: Update to 5.6.0

Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation when verifying RSA signatures, which requires decryption with the operation m^e mod n, where m is the signature, and e and n are the exponent and modulus of the public key. The value m is an integer between 0 and n-1, however, the gmp plugin did not verify this. So if m equals n the calculation results in 0, in which case mpz_export() returns NULL. This result wasn't handled properly causing a null-pointer dereference.

This vulnerability has been registered as <a href="" target="_blank" rel="noopener">CVE-2017-1118</a>5.

Author Michael Tremer ‐ Commit cfd8f20


  • August 23, 2017 at 7:51 pm

    Build has been created


This package does not belong to any repository.


0 people.