Ubuntu Security Notice 3771-1 - It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Sze Yiu Chau discovered that strongSwan incorrectly handled certain parameters fields in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Various other issues were also addressed.
e17f096815ff5bd42d4ea76068f61f20c3869354f1a3c2c88ea7118d853351da