-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmZDWNcACgkQZWnYVadE
vpP8nw/+M/ANTX4RO9lkSEmHAS+t0pBDDvOFoVMAPIgMl/+Zj2gt42cDRcjMRBbi
YdY/F9MvDu60D8Lv4gHyqqu6xppn6BVeTNNaWFUvS3wHIPMOsIgsTNVgWzrSDUZL
JaXTjZs/aeDRoKosnnjixNjis6AWd5G0V1I8MG1lMb3MmU19CvmmAUr2c9FMM6R3
w1o37le/Y3E9Zn5NY3o+kbi1vE85RZsw6A0yIz00UUaK34Ugg5QDIHzl4gyENOs0
THsdI5DiNNbTXU6XSYxEzhkAdQFWThem4Da3Pe+0BArmrqnnFCNTgxoFpOfO8Ug2
PDrNXANDeRaefCXnkP/T1Q/dD7FrkCsGWJEPSTGS2EFo33IwwOxNovPPSAFjI2rD
WPLzdAqQlDejDEPE2UMskvDKqoRQnOwaPWPf4M7IXeW1QTthBH1ymPV7MHVWeyZY
KXMcMma8zaA6x2i8Y1VMKV+YtGaxM/De1z1SWegyPg5ICxW+w5iz0NhFLv99YSwo
9UeTNLV/aLIVjgGtZ14iIesPPg6B4HiepfpbeQMC3IU/uu6Gs5d2XnNBbtrreRru
HjfMlv/S+w7Wn+HyEiNZEG9+9b2SGfas2h+k18pD1E/f/G7cPziBsPEBNYk6ZuZT
BMHMQouF2/i0uU+TC/1QutsLODP1S//ixwdwv+miiiqr7ujU9jw=
=FNCu
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-6772-1
May 14, 2024
strongswan vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
Fraudulent security certificates could allow access controls to be
bypassed.
Software Description:
- strongswan: IPsec VPN solution
Details:
Jan Schermer discovered that strongSwan incorrectly validated client
certificates in certain configurations. A remote attacker could possibly
use this issue to bypass access controls.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
libstrongswan 5.9.5-2ubuntu2.3
strongswan 5.9.5-2ubuntu2.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6772-1
CVE-2022-4967
Package Information:
https://launchpad.net/ubuntu/+source/strongswan/5.9.5-2ubuntu2.3
No comments:
Post a Comment