From URL:
----
Alexander E. Patrakov recently reported a vulnerability in strongSwan that may enable rogue servers to obtain user credentials from a client in certain IKEv2 setups. Affected are all strongSwan versions since 4.3.0, up to 5.3.1.
----
http://www.openwall.com/lists/oss-security/2015/05/29/6

Vulnerable versions: >= 4.3.0, < 5.3.1.

Versions in tree:
5.3.2 (unstable) (invulnerable)
5.2.2 (stable) (vulnerable)

Could maintainers please:
1) stabilise 5.3.2
or
2) Apply http://download.strongswan.org/security/CVE-2015-4171/strongswan-5.1.0-5.3.1_enforce_remote_auth.patch (append .sig for PGP signature)

Reproducible: Always
*** Bug 551562 has been marked as a duplicate of this bug. ***
*** Bug 551558 has been marked as a duplicate of this bug. ***
5.3.1 is also vulnerable - which is why we already have 5.3.2 in the tree :-) Please see: https://www.strongswan.org/blog/2015/06/08/strongswan-vulnerability-%28cve-2015-4171%29.html Security team, please go ahead and stabilize 5.3.2, thanks.
Arches, please test and mark stable:
=net-misc/strongswan-5.3.2
Target keywords : "amd64 arm ppc x86"
amd64 stable
x86 stable
CVE-2015-4171 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4171): strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
arm stable
ppc stable. Maintainer(s), please cleanup. Security, please vote.
Done, old version removed.
Arches and Maintainer(s), Thank you for your work. GLSA Vote: No
GLSA Vote: No