USN-2811-1: strongSwan vulnerability
16 November 2015
strongSwan could be made to bypass authentication.
- strongswan - IPsec VPN solution
It was discovered that the strongSwan eap-mschapv2 plugin incorrectly
handled state. A remote attacker could use this issue to bypass
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.