[OpenWrt-Devel] strongswan CVE-2015-3991 CVE-2015-4171

[Noel Kuntze]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


Hello list,

In the last days, two critical vulnerabilities were discovered in strongswan.
Those are CVE-2015-4171[1]  and CVE-2015-3991[2].
It is necessary to rebuild all packages from version 4.3.0 to 5.3.2 with
the necessary patches as those versions are affected. The first issue
is the more critical one, as it allows an attacker to gain
user credentials by using DNS spoofing if one side only uses XAUTH or EAP-GTC to authenticate itself.


[1] https://strongswan.org/blog/2015/06/08/strongswan-vulnerability-(cve-2015-4171).html
[2] https://strongswan.org/blog/2015/06/01/strongswan-vulnerability-(cve-2015-3991).html

- -- 

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVdZSDAAoJEDg5KY9j7GZYLZEP/jEE/DKd4eRYezLe8ZnGPOIp
rUSPNwl0+Bq/gf/Ui9VqGXqts492T4x4Lb2c+lgGPmqepCOrJ8E1J0HstfCTm/p6
CwSB4mVkLek0cRzJFueXHt6Yt2XboONVelY6XWrZlDsSKDeaOEGJNj3W7pFH6XXV
f+6F50frexsW2fSa8coUrfx55OikPc+yas//nBWYTZVvKA7Z+Fa/DJHTktiGlW3G
Z1venWqRuBw5kEvcAExVklrGIBsIMTxRPnLE1anN6LNjKgJz4xMIHGZgeSKrd6Rr
fekHV+dZeSKkUmeomGKIaPEjORo7teLz7jxMrJxe4gF1vuhZ/RZY7LqZclRhinVV
kJrzboanxthSmFfiKFy0/AlSvYBLSawoy4kKB/xuEN4VSphfCqNVJDc5b5QByV0F
Ea2veLJIYOWn4MlTc3kN2C9M02oTb3EN4raCj5Q9q56onZac7yGzLwJbkWaLngoB
OIPI4Vbb78XYryHa7SeKEj2blibdF+ZLkJaFpj6oP1S01hCFrzHqf5eRFp1ZtdNq
/JXgN5LZsAUljciv0u+M1mNuuqcqGDq+knnxK7KwCJSZBSNb3hA2VahXxrjn9Jph
LVGA/K07eHARdQbI+Cho5kMUJLDnvNsPa5AvqhamAocqvOMZbclHCz+FfnrZlW43
x4p/eZcVbV6gYV6FUmQf
=Z8rb
-----END PGP SIGNATURE-----
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel