a837937973
Fixed a vulnerability in the EAP client implementation that was caused by incorrectly handling early EAP-Success messages. It may allow to bypass the client and in some scenarios even the server authentication, or could lead to a denial-of-service attack. This vulnerability has been registered as CVE-2021-45079: https://www.strongswan.org/blog/2022/01/24/strongswan-vulnerability-(cve-2021-45079).html https://github.com/strongswan/strongswan/releases/tag/5.9.5 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Reviewed-by: Quentin Schulz <foss+buildroot@0leil.net> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| strongswan.hash | ||
| strongswan.mk | ||