USN-2811-1: strongSwan vulnerability

16 November 2015

strongSwan could be made to bypass authentication.

Releases

Packages

Details

It was discovered that the strongSwan eap-mschapv2 plugin incorrectly
handled state. A remote attacker could use this issue to bypass
authentication.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 15.10
Ubuntu 15.04
Ubuntu 14.04

In general, a standard system update will make all the necessary changes.

References