[ubuntu/bionic-proposed] strongswan 5.6.1-2ubuntu4 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Mar 7 14:50:21 UTC 2018 

strongswan (5.6.1-2ubuntu4) bionic; urgency=medium

  * SECURITY UPDATE: DoS via crafted RSASSA-PSS signature
    - debian/patches/CVE-2018-6459.patch: Properly handle MGF1 algorithm
      identifier without parameters in
      src/libstrongswan/credentials/keys/signature_params.c.
    - CVE-2018-6459

Date: Wed, 07 Mar 2018 14:52:02 +0100
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/strongswan/5.6.1-2ubuntu4
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 07 Mar 2018 14:52:02 +0100
Source: strongswan
Binary: strongswan libstrongswan libstrongswan-standard-plugins libstrongswan-extra-plugins libcharon-standard-plugins libcharon-extra-plugins strongswan-starter strongswan-libcharon strongswan-charon strongswan-nm strongswan-tnc-ifmap strongswan-tnc-base strongswan-tnc-client strongswan-tnc-server strongswan-tnc-pdp charon-cmd strongswan-pki strongswan-scepclient strongswan-swanctl charon-systemd
Architecture: source
Version: 5.6.1-2ubuntu4
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 charon-cmd - standalone IPsec client
 charon-systemd - strongSwan IPsec client, systemd support
 libcharon-extra-plugins - strongSwan charon library (extra plugins)
 libcharon-standard-plugins - strongSwan charon library (standard plugins)
 libstrongswan - strongSwan utility and crypto library
 libstrongswan-extra-plugins - strongSwan utility and crypto library (extra plugins)
 libstrongswan-standard-plugins - strongSwan utility and crypto library (standard plugins)
 strongswan - IPsec VPN solution metapackage
 strongswan-charon - strongSwan Internet Key Exchange daemon
 strongswan-libcharon - strongSwan charon library
 strongswan-nm - strongSwan plugin to interact with NetworkManager
 strongswan-pki - strongSwan IPsec client, pki command
 strongswan-scepclient - strongSwan IPsec client, SCEP client
 strongswan-starter - strongSwan daemon starter and configuration file parser
 strongswan-swanctl - strongSwan IPsec client, swanctl command
 strongswan-tnc-base - strongSwan Trusted Network Connect's (TNC) - base files
 strongswan-tnc-client - strongSwan Trusted Network Connect's (TNC) - client files
 strongswan-tnc-ifmap - strongSwan plugin for Trusted Network Connect's (TNC) IF-MAP clie
 strongswan-tnc-pdp - strongSwan plugin for Trusted Network Connect's (TNC) PDP
 strongswan-tnc-server - strongSwan Trusted Network Connect's (TNC) - server files
Changes:
 strongswan (5.6.1-2ubuntu4) bionic; urgency=medium
 .
   * SECURITY UPDATE: DoS via crafted RSASSA-PSS signature
     - debian/patches/CVE-2018-6459.patch: Properly handle MGF1 algorithm
       identifier without parameters in
       src/libstrongswan/credentials/keys/signature_params.c.
     - CVE-2018-6459
Checksums-Sha1:
 5d728a3d37d5a2ba7fbcaf8a7fe797c285f3d878 4082 strongswan_5.6.1-2ubuntu4.dsc
 8086806907f891de71ccea4fa502aabcdadc80c8 135668 strongswan_5.6.1-2ubuntu4.debian.tar.xz
 25735dc18af74ca65b89c6616ee14596f78f580d 11402 strongswan_5.6.1-2ubuntu4_source.buildinfo
Checksums-Sha256:
 06454a9ce8e3e8a070b1cd332df8f35de1c07dfe10602e3728a69a04b22abb23 4082 strongswan_5.6.1-2ubuntu4.dsc
 15f89a1b6a546f5db97b5119814a1a708f4cde8a43de5123e201fc4588e5819e 135668 strongswan_5.6.1-2ubuntu4.debian.tar.xz
 954476a9e1425857c5aee5c6c7e14972602ff91fd4a113a50a174436ce49eceb 11402 strongswan_5.6.1-2ubuntu4_source.buildinfo
Files:
 347808a639e84ba988f1e9e907acdb8d 4082 net optional strongswan_5.6.1-2ubuntu4.dsc
 6442ba8a2e28bbc63db08e525e6525a4 135668 net optional strongswan_5.6.1-2ubuntu4.debian.tar.xz
 d54319a306bf64f15ff0632dd0cf430e 11402 net optional strongswan_5.6.1-2ubuntu4_source.buildinfo
Original-Maintainer: strongSwan Maintainers <pkg-swan-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJan/gAAAoJEGVp2FWnRL6T++MQAIElak01gHQban740L9wuVsE
o+XaAtfwBY3Zs3Ur75xHTyl6MqhH174Qx88k72uRbUms2HswSYqJTY6HWeH6A2XZ
sD3QpsH0Cdqo0EblveLRhXkHf4UeEMsEQhKlDw5HDcz5moLpC0H4m2k0ef7m0aYW
pHy5tPAVjdETuZQdiJDhUGW53H885i+BWNTM/wu1W/OmOTmFjmB69i9tRip5h7g6
k5aB0FdetjoCO5fDDVrw5KYRRdw9HH1E9ivHGIx8YoBswMXYfUzHfihiSg6+2qDP
LOwsSROQo0tVXmnZYB6VLVrBc2pi36KI7yqua+jhiJ7U4z3rCZsCG06SGGnGyD85
8j80r67ty7zJ14ls0/vVmzFT42D0lBGecWt87Lcacd8zaufcnEaabvbPHPBmF+dg
zOvwEgqYnsPia7zgNvlXi9vcJQUpQwSjKw9p4nlkt4fBYjZx6MUQdGdp0GRt0LcS
IJY7Y7qpscVzfxK9JNVzTqtvhvlmq4fvL4H9LwCumMRGCSe06lrldI3TSTLHnZeK
QOnyc4Nx/jInCy+Fdrsi79ykCZVL8v/IlWe2F363ENgwyz/EQVOM1IBKq7f7H947
EnMBv//wxZH1i6lIUSIZBaEoc97Ed8Uj8FLtdQ3OoTyyffrwyjwGrwEYUyUYdACG
rP7rA7QY3hN8SvQmYISf
=az4m
-----END PGP SIGNATURE-----

More information about the Bionic-changes mailing list