[ubuntu/jammy-proposed] strongswan 5.9.4-1ubuntu4 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Feb 1 12:55:17 UTC 2022 

strongswan (5.9.4-1ubuntu4) jammy; urgency=medium

  * SECURITY UPDATE: Incorrect Handling of Early EAP-Success Messages
    - debian/patches/CVE-2021-45079.patch: enforce failure if MSK
      generation fails in src/libcharon/plugins/eap_gtc/eap_gtc.c,
      src/libcharon/plugins/eap_md5/eap_md5.c,
      src/libcharon/plugins/eap_radius/eap_radius.c,
      src/libcharon/sa/eap/eap_method.h,
      src/libcharon/sa/ikev2/authenticators/eap_authenticator.c.
    - CVE-2021-45079

Date: Tue, 01 Feb 2022 07:23:37 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/strongswan/5.9.4-1ubuntu4
-------------- next part --------------
Format: 1.8
Date: Tue, 01 Feb 2022 07:23:37 -0500
Source: strongswan
Built-For-Profiles: noudeb
Architecture: source
Version: 5.9.4-1ubuntu4
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 strongswan (5.9.4-1ubuntu4) jammy; urgency=medium
 .
   * SECURITY UPDATE: Incorrect Handling of Early EAP-Success Messages
     - debian/patches/CVE-2021-45079.patch: enforce failure if MSK
       generation fails in src/libcharon/plugins/eap_gtc/eap_gtc.c,
       src/libcharon/plugins/eap_md5/eap_md5.c,
       src/libcharon/plugins/eap_radius/eap_radius.c,
       src/libcharon/sa/eap/eap_method.h,
       src/libcharon/sa/ikev2/authenticators/eap_authenticator.c.
     - CVE-2021-45079
Checksums-Sha1:
 b47c4b9d23f2723ef3178ef858d7a37c06fcc7c1 3702 strongswan_5.9.4-1ubuntu4.dsc
 5a7125b09c3de24834a291a13323569c29e80aa6 130760 strongswan_5.9.4-1ubuntu4.debian.tar.xz
 29df8caac566216c611e642facd1612c890a8d3d 10024 strongswan_5.9.4-1ubuntu4_source.buildinfo
Checksums-Sha256:
 eaab87a42f32629bb538ad5738472c8f982922ace28fed0bc7ab626940929a84 3702 strongswan_5.9.4-1ubuntu4.dsc
 b23f07e1cf09ca5e0f3a39942b0e16fa2e033546a561d7987b9d3654ead3955f 130760 strongswan_5.9.4-1ubuntu4.debian.tar.xz
 1afc4c484290946b271dbc9c2c22060ca7ac5e665c8475716c44a0ced1bea9c5 10024 strongswan_5.9.4-1ubuntu4_source.buildinfo
Files:
 21fd1b0d9de97e6d80eb2811ab25df75 3702 net optional strongswan_5.9.4-1ubuntu4.dsc
 31452afd5ea5851b2a002d92e1f94745 130760 net optional strongswan_5.9.4-1ubuntu4.debian.tar.xz
 39f4920e8472ad6e2c90b73a2f086323 10024 net optional strongswan_5.9.4-1ubuntu4_source.buildinfo
Original-Maintainer: strongSwan Maintainers <pkg-swan-devel at lists.alioth.debian.org>

More information about the jammy-changes mailing list