Version 5.7.1 » History » Version 2
Tobias Brunner, 01.10.2018 18:47
| 1 | 1 | Tobias Brunner | h1. Version 5.7.1 |
|---|---|---|---|
| 2 | 1 | Tobias Brunner | |
| 3 | 2 | Tobias Brunner | * Fixes a vulnerability in the _gmp_ plugin triggered by crafted certificates with RSA keys with |
| 4 | 2 | Tobias Brunner | very small moduli. When verifying signatures with such keys, the code patched with the fix |
| 5 | 2 | Tobias Brunner | for "CVE-2018-16151/2 ":https://www.strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html caused an integer underflow and subsequent heap buffer overflow |
| 6 | 2 | Tobias Brunner | that results in a crash of the daemon. |
| 7 | 2 | Tobias Brunner | The vulnerability has been registered as "CVE-2018-17540":https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17540. |
| 8 | 2 | Tobias Brunner | Please refer to "our blog":https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html for details. |
| 9 | 2 | Tobias Brunner | |
| 10 | 2 | Tobias Brunner | * This release contains no other changes, please refer to version:5.7.0 for other features and fixes. |