Gentoo Linux Security Advisory 201811-16 - Multiple vulnerabilities have been found in strongSwan, the worst of which could lead to a Denial of Service condition. Versions less than 5.7.1 are affected.
90b2c65ae66ecb8393798be16d494aeac84b63c0e80ade4bc9082323fe2ace84
Ubuntu Security Notice 3771-1 - It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Sze Yiu Chau discovered that strongSwan incorrectly handled certain parameters fields in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Various other issues were also addressed.
e17f096815ff5bd42d4ea76068f61f20c3869354f1a3c2c88ea7118d853351da
Debian Linux Security Advisory 4305-1 - Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite.
3600f91c663ea865ce9da23457277830706c0b7bfd18f2204a59509fb92beb1a