strongSwan: Multiple vulnerabilities Multiple vulnerabilities have been found in strongSwan, the worst of which could lead to a Denial of Service condition. strongswan 2018-11-26 2018-11-26 648610 656338 658230 668862 remote 5.7.1 5.7.1

strongSwan is an IPSec implementation for Linux.

Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details.

A remote attacker could cause a Denial of Service condition or impersonate a user.

There is no known workaround at this time.

All strongSwan users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-vpn/strongswan-5.7.1" CVE-2018-10811 CVE-2018-16151 CVE-2018-16152 CVE-2018-17540 CVE-2018-5388 CVE-2018-6459 whissi b-man