The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter. External References: https://www.strongswan.org/blog/2018/02/19/strongswan-vulnerability-%28cve-2018-6459%29.html
Created strongswan tracking bugs for this issue: Affects: epel-all [bug 1547538] Affects: fedora-all [bug 1547537]
wasfixed in 5.6.2