AVG-2473 log

Package strongswan
Status Fixed
Severity Medium
Type multiple issues
Affected 5.9.3-1
Fixed 5.9.4-1
Current 5.9.5-1 [community]
Ticket None
Created Mon Oct 18 17:41:55 2021
Issue Severity Remote Type Description
CVE-2021-41991 Medium Yes Arbitrary code execution
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill...
CVE-2021-41990 Medium Yes Denial of service
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be...