-
strongswan (5.9.1-1+deb11u3) bullseye-security; urgency=medium
* d/p/0009-credential-manager-Do-online-revocation-checks-only- added.
Fix CVE-2022-40617, denial of service due to revocation plugin
potentially using untrusted OCSP URIs and CRL distribution in
certificates (Closes: #1021271)
-- Yves-Alexis Perez <email address hidden> Thu, 06 Oct 2022 09:36:12 +0200
-
strongswan (5.9.1-1+deb11u2) bullseye-security; urgency=medium
* gbp: revert upstream branch name change
* eap-authenticator: Enforce failure if MSK generation fails
- Fix incorrect handling of Early EAP-Success Messages (CVE-2021-45079)
-- Yves-Alexis Perez <email address hidden> Fri, 21 Jan 2022 15:55:38 +0100
-
strongswan (5.9.1-1+deb11u1) bullseye-security; urgency=medium
* Reject RSASSA-PSS params with negative salt length
- fix remote denial of service (CVE-2021-41990)
* Prevent crash due to integer overflow / sign change
- fix remote denial of service (CVE-2021-41991)
* d/gpp.conf: track bullseye branches
-- Yves-Alexis Perez <email address hidden> Thu, 14 Oct 2021 22:36:24 +0200
-
strongswan (5.9.1-1) unstable; urgency=medium
* New upstream version 5.9.1
* d/patches: rebase against new upstream version
* d/watch: update to version 4
-- Yves-Alexis Perez <email address hidden> Wed, 11 Nov 2020 17:54:34 +0100
