[ubuntu/cosmic-proposed] strongswan 5.6.3-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Sep 27 16:32:37 UTC 2018 

strongswan (5.6.3-1ubuntu2) cosmic; urgency=medium

  * SECURITY UPDATE: Insufficient input validation in gmp plugin
    - debian/patches/strongswan-5.6.1-5.6.3_gmp-pkcs1-verify.patch: don't
      parse PKCS1 v1.5 RSA signatures to verify them in
      src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c,
      src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c.
    - CVE-2018-16151
    - CVE-2018-16152

Date: Tue, 25 Sep 2018 10:16:15 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/strongswan/5.6.3-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Tue, 25 Sep 2018 10:16:15 -0400
Source: strongswan
Binary: strongswan libstrongswan libstrongswan-standard-plugins libstrongswan-extra-plugins libcharon-standard-plugins libcharon-extra-plugins strongswan-starter strongswan-libcharon strongswan-charon strongswan-nm strongswan-tnc-ifmap strongswan-tnc-base strongswan-tnc-client strongswan-tnc-server strongswan-tnc-pdp charon-cmd strongswan-pki strongswan-scepclient strongswan-swanctl charon-systemd
Architecture: source
Version: 5.6.3-1ubuntu2
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 charon-cmd - standalone IPsec client
 charon-systemd - strongSwan IPsec client, systemd support
 libcharon-extra-plugins - strongSwan charon library (extra plugins)
 libcharon-standard-plugins - strongSwan charon library (standard plugins)
 libstrongswan - strongSwan utility and crypto library
 libstrongswan-extra-plugins - strongSwan utility and crypto library (extra plugins)
 libstrongswan-standard-plugins - strongSwan utility and crypto library (standard plugins)
 strongswan - IPsec VPN solution metapackage
 strongswan-charon - strongSwan Internet Key Exchange daemon
 strongswan-libcharon - strongSwan charon library
 strongswan-nm - strongSwan plugin to interact with NetworkManager
 strongswan-pki - strongSwan IPsec client, pki command
 strongswan-scepclient - strongSwan IPsec client, SCEP client
 strongswan-starter - strongSwan daemon starter and configuration file parser
 strongswan-swanctl - strongSwan IPsec client, swanctl command
 strongswan-tnc-base - strongSwan Trusted Network Connect's (TNC) - base files
 strongswan-tnc-client - strongSwan Trusted Network Connect's (TNC) - client files
 strongswan-tnc-ifmap - strongSwan plugin for Trusted Network Connect's (TNC) IF-MAP clie
 strongswan-tnc-pdp - strongSwan plugin for Trusted Network Connect's (TNC) PDP
 strongswan-tnc-server - strongSwan Trusted Network Connect's (TNC) - server files
Changes:
 strongswan (5.6.3-1ubuntu2) cosmic; urgency=medium
 .
   * SECURITY UPDATE: Insufficient input validation in gmp plugin
     - debian/patches/strongswan-5.6.1-5.6.3_gmp-pkcs1-verify.patch: don't
       parse PKCS1 v1.5 RSA signatures to verify them in
       src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c,
       src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c.
     - CVE-2018-16151
     - CVE-2018-16152
Checksums-Sha1:
 5dbe3948a3eb0eeca0b4e57c45faf95b9799f312 3923 strongswan_5.6.3-1ubuntu2.dsc
 63331bb50dc02d02c9e6f6e2274eb2e5bad1f53e 139132 strongswan_5.6.3-1ubuntu2.debian.tar.xz
 e9084d9991f34b6d654566f31a36d6898d8013ed 11216 strongswan_5.6.3-1ubuntu2_source.buildinfo
Checksums-Sha256:
 aa5f778cabe8bb06bf78fe72929cdc044d2789df8e6f0d398d7909686401c46a 3923 strongswan_5.6.3-1ubuntu2.dsc
 16704b808aae9e1e533d1b54f2864a37acb3c8f23462e7510e89dabeed068c06 139132 strongswan_5.6.3-1ubuntu2.debian.tar.xz
 e4584b5cdffc1c5f8753f75147b7bebbb17f53c01a1ecffb15ac801954bea006 11216 strongswan_5.6.3-1ubuntu2_source.buildinfo
Files:
 df94ddb31afd63544e7fee91c0eb1405 3923 net optional strongswan_5.6.3-1ubuntu2.dsc
 b450bffbbc9063160a5c66b36a6c153d 139132 net optional strongswan_5.6.3-1ubuntu2.debian.tar.xz
 180a7222da756da5a537d2123e59ca8d 11216 net optional strongswan_5.6.3-1ubuntu2_source.buildinfo
Original-Maintainer: strongSwan Maintainers <pkg-swan-devel at lists.alioth.debian.org>

More information about the Cosmic-changes mailing list