AVG-2473 log
| Package | strongswan |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 5.9.3-1 |
| Fixed | 5.9.4-1 |
| Current | 5.9.14-1 [extra] |
| Ticket | None |
| Created | Mon Oct 18 17:41:55 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-41991 | Medium | Yes | Arbitrary code execution | The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill... |
| CVE-2021-41990 | Medium | Yes | Denial of service | The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be... |