diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 14:49:27 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 14:49:27 +0100 |
| commit | 1e980d6be0ef0e243c6fe82b5e855454b97e24a4 (patch) | |
| tree | 0d59eec2ce2ed332434ae80fc78a44db9ad293c5 /NEWS | |
| parent | 5dca9ea0e2931f0e2a056c7964d311bcc30a01b8 (diff) | |
| download | vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.tar.gz vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.zip | |
Imported Upstream version 5.3.4
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 16 |
1 files changed, 15 insertions, 1 deletions
@@ -1,3 +1,17 @@ +strongswan-5.3.4 +---------------- + +- Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin that + was caused by insufficient verification of the internal state when handling + MSCHAPv2 Success messages received by the client. + This vulnerability has been registered as CVE-2015-8023. + +- The sha3 plugin implements the SHA3 Keccak-F1600 hash algorithm family. + Within the strongSwan framework SHA3 is currently used for BLISS signatures + only because the OIDs for other signature algorithms haven't been defined + yet. Also the use of SHA3 for IKEv2 has not been standardized yet. + + strongswan-5.3.3 ---------------- @@ -37,7 +51,7 @@ strongswan-5.3.3 since 5.0.0) and packets that have the flag set incorrectly are again ignored. - Implemented a demo Hardcopy Device IMC/IMV pair based on the "Hardcopy - Device Health Assessment Trusted Network Connect Binding" (HCD-TNC) + Device Health Assessment Trusted Network Connect Binding" (HCD-TNC) document drafted by the IEEE Printer Working Group (PWG). - Fixed IF-M segmentation which failed in the presence of multiple small |