Version libreswan-3.16 is affected by the latest CVE issue
Please upgrade to at least version 3.17.To report new security issues, send an encrypted email to security@libreswan.org using our GPG KeyID 0xB30FC6F9
| CVE Number | Date | Vulnerability Information | Vulnerable | Files |
|---|---|---|---|---|
| CVE-2016-3071 | Apr 4, 2016 | IKEv2 aes_xcbc transform causes restart of IKE daemon | 3.16 | Patches |
| CVE-2015-3240 | Aug 24, 2015 | bad DH g^x by remote peer causes IKE daemon restart | 3.0 - 3.15 | Patches |
| CVE-2015-3204 | Jun 1, 2015 | malicious payload causes IKE daemon restart | 3.9 - 3.12 | Patches |
| CVE-2013-6467 | Jan 15, 2014 | dereferencing missing IKEv2 payloads causes restart | 3.0 - 3.7 | Patches |
| CVE-2013-4564 | Dec 10, 2013 | Denial of Service with bogus IKE packet | 3.6 | - |
| CVE-2013-6467 | May 13, 2013 | remote buffer overflow in atodn() | 3.0 - 3.1 | Patches |