FS#58719 - [strongswan] [Security] denial of service (CVE-2018-5388)

Attached to Project: Community Packages
Opened by Remi Gacogne (rgacogne) - Friday, 25 May 2018, 08:23 GMT
Last edited by Christian Rebischke (Shibumi) - Saturday, 26 May 2018, 14:12 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Christian Rebischke (Shibumi)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Summary
=======

The package strongswan is vulnerable to denial of service via CVE-2018-5388.

Guidance
========

Since a new version has not been released, we should consider backporting the patch in [3].

References
==========

[1]: https://security.archlinux.org/AVG-710
[2]: https://www.kb.cert.org/vuls/id/338343
[3]: https://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=0acd1ab4
This task depends upon

Closed by  Christian Rebischke (Shibumi)
Saturday, 26 May 2018, 14:12 GMT
Reason for closing:  Fixed
Additional comments about closing:  Fixed with 5.6.2-2

Loading...