UbuntuUpdates.org

Package "strongswan-libcharon"

Name: strongswan-libcharon

Description:

strongSwan charon library

Latest version: 5.9.5-2ubuntu2.3
Release: jammy (22.04)
Level: security
Repository: main
Head package: strongswan
Homepage: http://www.strongswan.org

Links


Download "strongswan-libcharon"


Other versions of "strongswan-libcharon" in Jammy

Repository Area Version
base main 5.9.5-2ubuntu2
updates main 5.9.5-2ubuntu2.3

Changelog

Version: 5.9.5-2ubuntu2.3 2024-05-14 13:07:43 UTC

  strongswan (5.9.5-2ubuntu2.3) jammy-security; urgency=medium

  * SECURITY UPDATE: improper certificate validation
    - debian/patches/CVE-2022-4967.patch: enforce client/server identity
      when looking for public key in src/libtls/tls_peer.c,
      src/libtls/tls_server.c.
    - CVE-2022-4967

 -- Marc Deslauriers <email address hidden> Mon, 13 May 2024 16:16:55 +0200

Source diff to previous version
CVE-2022-4967 strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297).

Version: 5.9.5-2ubuntu2.2 2023-11-20 17:06:57 UTC

  strongswan (5.9.5-2ubuntu2.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow When Handling DH Public Values
    - debian/patches/CVE-2023-41913.patch: Validate DH public key to fix
      potential buffer overflow in
      src/charon-tkm/src/tkm/tkm_diffie_hellman.c.
    - CVE-2023-41913

 -- Marc Deslauriers <email address hidden> Tue, 07 Nov 2023 11:46:10 +0200

Source diff to previous version

Version: 5.9.5-2ubuntu2.1 2022-10-03 18:07:23 UTC

  strongswan (5.9.5-2ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Using Untrusted URIs for Revocation Checking
    - debian/patches/CVE-2022-40617.patch: do online revocation checks only
      after basic trust chain validation in
      src/libstrongswan/credentials/credential_manager.c.
    - CVE-2022-40617

 -- Marc Deslauriers <email address hidden> Tue, 20 Sep 2022 14:07:10 -0400

CVE-2022-40617 RESERVED



About   -   Send Feedback to @ubuntu_updates