strongSwan security team reports:
- A denial-of-service vulnerability in the IKEv2 key derivation was fixed
if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as
PRF (which is not FIPS-compliant). So this should only affect very specific setups,
but in such configurations all strongSwan versions since 5.0.1 may be affected.
- A denial-of-service vulnerability in the stroke plugin was fixed.
When reading a message from the socket the plugin did not check the received length.
Unless a group is configured, root privileges are required to access that socket,
so in the default configuration this shouldn't be an issue, but all strongSwan versions may be affected.