strongSwan Vulnerability (CVE-2017-9023)

If you use stronswan VPN check:
A denial-of-service vulnerability in the x509 plugin was discovered in strongSwan. All versions are affected.

Fix

Installations that don’t have the x509 plugin enabled and loaded are not vulnerable.

The just released strongSwan 5.5.3 fixes this vulnerability. For older releases we provide patches that fix the vulnerability in the respective versions and should apply with appropriate hunk offsets (please note that patches for versions < 4.4.0 are not provided).

1 Like

I got the packages for this fix from

https://downloads.lede-project.org/snapshots/packages/arm_cortex-a9_vfpv3/packages/

strongswan still seems to work fine.