FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

strongSwan -- certificate verification vulnerability

Affected packages
5.9.8 <= strongswan < 5.9.9_2

Details

VuXML ID 3f9b6943-ba58-11ed-bbbd-00e0670f2660
Discovery 2023-03-02
Entry 2023-03-04

strongSwan reports:

A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected.

References

CVE Name CVE-2023-26463
URL https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-(cve-2023-26463).html