strongSwan 4.6.4 was released [1] to fix a security flaw in 4.2.0 through to 4.6.3. If the gmp plugin were used for RSA signature verification with IKEv1 or IKEv2, an empty or zeroed signature was handled as a legitimate one. A connection definition using RSA authentication is required to exploit this flaw, and an attacker presenting a forged signature and/or certificate could authenticate as any legitimate user.

The fix is present in version 4.6.4 or as a patch [2].

[1] http://www.strongswan.org/blog/2012/05/31/strongswan-4.6.4-released-(cve-2012-2388).html
[2] http://download.strongswan.org/patches/09_gmp_rsa_signature_patch/strongswan-4.2.0-4.6.3_gmp_rsa_signature.patch
Created strongswan tracking bugs for this issue

Affects: fedora-all [bug 828361]
Affects: epel-6 [bug 828362]