AVG-769 log

Package strongswan
Status Fixed
Severity High
Type authentication bypass
Affected 5.6.3-1
Fixed 5.7.0-1
Current 5.8.1-3 [community]
Ticket None
Created Mon Sep 24 16:35:35 2018
Issue Severity Remote Type Description
CVE-2018-16152 High Yes Authentication bypass
The algorithmIdentifier structure on a PKCS#1.5 signature contains an optional parameters field. While none of the algorithms used with PKCS#1 use...
CVE-2018-16151 High Yes Authentication bypass
The OID parser allows any number of random bytes after a valid OID for a PKCS#1.5 signature. The asn1_known_oid() function just parses until it finds a leaf...
Date Advisory Package Description
24 Sep 2018 ASA-201809-4 strongswan authentication bypass
References
https://wiki.strongswan.org/versions/70