ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

NEWS: Add info about CVE-2015-8023

This commit is contained in:
Tobias Brunner 2015-11-12 15:35:52 +01:00 committed by Andreas Steffen
parent f9c5c80553
commit 453e204ac4
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
NEWS
View File

@ -1,6 +1,11 @@
strongswan-5.3.4 strongswan-5.3.4
---------------- ----------------
- Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin that
was caused by insufficient verification of the internal state when handling
MSCHAPv2 Success messages received by the client.
This vulnerability has been registered as CVE-2015-8023.
- The sha3 plugin implements the SHA3 Keccak-F1600 hash algorithm family. - The sha3 plugin implements the SHA3 Keccak-F1600 hash algorithm family.
Within the strongSwan framework SHA3 is currently used for BLISS signatures Within the strongSwan framework SHA3 is currently used for BLISS signatures
only because the OIDs for other signature algorithms haven't been defined only because the OIDs for other signature algorithms haven't been defined