strongswan was updated to fix a rogue servers vulnerability, that may
enable rogue servers able to authenticate itself with certificate
issued by any CA the client trusts, to gain user credentials from
a client in certain IKEv2 setups (bsc#933591,CVE-2015-4171).

More information can be found on https://www.strongswan.org/blog/2015/06/08/strongswan-vulnerability-%28cve-2015-4171%29.html