NEWS: Add info about CVE-2015-8023
This commit is contained in:
parent
f9c5c80553
commit
453e204ac4
5
NEWS
5
NEWS
|
@ -1,6 +1,11 @@
|
||||||
strongswan-5.3.4
|
strongswan-5.3.4
|
||||||
----------------
|
----------------
|
||||||
|
|
||||||
|
- Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin that
|
||||||
|
was caused by insufficient verification of the internal state when handling
|
||||||
|
MSCHAPv2 Success messages received by the client.
|
||||||
|
This vulnerability has been registered as CVE-2015-8023.
|
||||||
|
|
||||||
- The sha3 plugin implements the SHA3 Keccak-F1600 hash algorithm family.
|
- The sha3 plugin implements the SHA3 Keccak-F1600 hash algorithm family.
|
||||||
Within the strongSwan framework SHA3 is currently used for BLISS signatures
|
Within the strongSwan framework SHA3 is currently used for BLISS signatures
|
||||||
only because the OIDs for other signature algorithms haven't been defined
|
only because the OIDs for other signature algorithms haven't been defined
|
||||||
|
|
Loading…
Reference in New Issue