update strongswan-ikev2 package for ubuntu xenial
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
strongswan (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Update strongswan-ikev2 package to latest stable release 5.6.3, or backport mentioned security and bug fixes.
[Impact]
* Several security vulnerabilities have been fixed
* CVE-2018-6459: Insufficient Input Validation in RSASSA-PSS Signature Parser. For more details see: https:/
* CVE-2018-5388: Insufficient Input Validation in stroke Plugin: For more details see: https:/
* CVE-2018-10811: Missing Initialization of a Variable in IKEv2 Key Derivation. For more details see: https:/
* Packet loss during IKEv2 CHILD_SA rekeying: https:/
[Test Case]
* Consult links above for detailed information.
[Regression Potential]
* No regression expected, as all CVEs are security fixes and one bug fix.
[Other Info]
* n/a
----
# lsb_release -rd
Description: Ubuntu 16.04.4 LTS
Release: 16.04
# apt-cache policy strongswan-ikev2
strongswan-ikev2:
Installed: 5.3.5-1ubuntu3.5
Candidate: 5.3.5-1ubuntu3.5
Status changed to 'Confirmed' because the bug affects multiple users.