Request 311157: Incident strongswan - openSUSE Build Service

Overview

Request 311157 accepted

- Applied upstream fix for a rogue servers vulnerability, that may
enable rogue servers able to authenticate itself with certificate
issued by any CA the client trusts, to gain user credentials from
a client in certain IKEv2 setups (bsc#933591,CVE-2015-4171).
[+ 0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch]

Created by mtomaschewski almost 9 years ago
In state accepted

Incident strongswan

Comments for request 311157 0

Login required, please login in order to comment

Request History

mtomaschewski created request almost 9 years ago

- Applied upstream fix for a rogue servers vulnerability, that may
enable rogue servers able to authenticate itself with certificate
issued by any CA the client trusts, to gain user credentials from
a client in certain IKEv2 setups (bsc#933591,CVE-2015-4171).
[+ 0006-strongswan-5.1.0-5.3.1_enforce_remote_auth.patch]

maintbot accepted review almost 9 years ago

accepted

maintbot approved review almost 9 years ago

accepted

msmeissn moved maintenance target to openSUSE:Maintenance:3831 almost 9 years ago

msmeissn accepted request almost 9 years ago

ok

openSUSE Build Service is sponsored by