[ubuntu/resolute-proposed] strongswan 6.0.4-1ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Mar 23 15:08:26 UTC 2026
strongswan (6.0.4-1ubuntu2) resolute; urgency=medium
* SECURITY UPDATE: Integer Underflow When Handling EAP-TTLS AVP
- debian/patches/CVE-2026-25075.patch: prevent crash if AVP length
header field is invalid in
src/libcharon/plugins/eap_ttls/eap_ttls_avp.c.
- CVE-2026-25075
Date: Mon, 23 Mar 2026 10:28:45 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/strongswan/6.0.4-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 23 Mar 2026 10:28:45 -0400
Source: strongswan
Built-For-Profiles: derivative.ubuntu noudeb
Architecture: source
Version: 6.0.4-1ubuntu2
Distribution: resolute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
strongswan (6.0.4-1ubuntu2) resolute; urgency=medium
.
* SECURITY UPDATE: Integer Underflow When Handling EAP-TTLS AVP
- debian/patches/CVE-2026-25075.patch: prevent crash if AVP length
header field is invalid in
src/libcharon/plugins/eap_ttls/eap_ttls_avp.c.
- CVE-2026-25075
Checksums-Sha1:
5fd8296461adef6cf6c79767c561c46c0f70fb45 3465 strongswan_6.0.4-1ubuntu2.dsc
40451a3918d9d5806c1cee4a9bbabf8886851d13 144364 strongswan_6.0.4-1ubuntu2.debian.tar.xz
309f40a6113c473c9d72f7a7f2fddf9f647265b9 11131 strongswan_6.0.4-1ubuntu2_source.buildinfo
Checksums-Sha256:
9aa9d3bd9a33e164a35082ea2c2412a34992e63a57744f897635214a6fadb9d7 3465 strongswan_6.0.4-1ubuntu2.dsc
a3cf4cc60e0987aaa2937859c1df41c6327a4c99f25c1e7227939dc6d46fe831 144364 strongswan_6.0.4-1ubuntu2.debian.tar.xz
59ccf4042a0eee095faef540caeb47a96d5ac2452e684bd0f5a9512adf5fd70e 11131 strongswan_6.0.4-1ubuntu2_source.buildinfo
Files:
8bb8c22f6c9afe474d40832b8ea7aa10 3465 net optional strongswan_6.0.4-1ubuntu2.dsc
9ac39c0cb81098a48fe38da7f1ddca9e 144364 net optional strongswan_6.0.4-1ubuntu2.debian.tar.xz
6e293e3a36f24ebd29bdc632b5d4660f 11131 net optional strongswan_6.0.4-1ubuntu2_source.buildinfo
Original-Maintainer: strongSwan Maintainers <pkg-swan-devel at lists.alioth.debian.org>
More information about the Resolute-changes
mailing list