Jan Schermer discovered that strongSwan incorrectly validated client certificates in certain configurations. A remote attacker could possibly use this issue to bypass access controls.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "charon-cmd", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "charon-cmd-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "charon-systemd", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "charon-systemd-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libcharon-extauth-plugins", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libcharon-extauth-plugins-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libcharon-extra-plugins", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libcharon-extra-plugins-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libstrongswan", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libstrongswan-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libstrongswan-extra-plugins", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libstrongswan-extra-plugins-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libstrongswan-standard-plugins", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "libstrongswan-standard-plugins-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-charon", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-charon-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-libcharon", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-libcharon-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-nm", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-nm-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-pki", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-pki-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-scepclient", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-scepclient-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-starter", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-starter-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-swanctl", "binary_version": "5.9.5-2ubuntu2.3" }, { "binary_name": "strongswan-swanctl-dbgsym", "binary_version": "5.9.5-2ubuntu2.3" } ] }