strongswan 5.1.2-0ubuntu2 source package in Ubuntu

Changelog

strongswan (5.1.2-0ubuntu2) trusty; urgency=medium

  * SECURITY UPDATE: remote authentication bypass
    - debian/patches/CVE-2014-2338.patch: reject CREATE_CHILD_SA exchange
      on unestablished IKE_SAs in src/libcharon/sa/ikev2/task_manager_v2.c.
    - CVE-2014-2338
 -- Marc Deslauriers <email address hidden>   Mon, 14 Apr 2014 11:24:34 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2014-04-14
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty release on 2014-04-14 main net

Downloads

File Size SHA-256 Checksum
strongswan_5.1.2.orig.tar.bz2 3.6 MiB fb4c3066461dade176408840edbc9d830255f4816b0991baebbbedee501fddd6
strongswan_5.1.2-0ubuntu2.debian.tar.gz 158.6 KiB 777410a054e3e198b82a5e4bdc2e7a38745008d1e2cda50f6d8a198067a85c7a
strongswan_5.1.2-0ubuntu2.dsc 7.3 KiB 3870a37ebe50ec43222a51f1ccd4eb70470be3d0a2900cacafefd819ac0a2c5c

Available diffs

View changes file

Binary packages built by this source

libstrongswan: strongSwan utility and crypto library

 StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the
 native IPsec stack and runs on any recent 2.6 kernel (no patching required).
 It supports both IKEv1 and the newer IKEv2 protocols.
 .
 This package provides the underlying library of charon and other strongSwan
 components. It is built in a modular way and is extendable through various
 plugins.

strongswan: IPsec VPN solution metapackage

 The strongSwan VPN suite is based on the IPsec stack in standard Linux
 kernels. It supports both the IKEv1 and IKEv2 protocols.
 .
 This metapackage installs the packages required to maintain IKEv1 and IKEv2
 connections via ipsec.conf or ipsec.secrets.

strongswan-dbg: No summary available for strongswan-dbg in ubuntu utopic.

No description available for strongswan-dbg in ubuntu utopic.

strongswan-ike: strongSwan Internet Key Exchange (v2) daemon

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 Charon is an IPsec IKEv2 daemon. It is
 written from scratch using a fully multi-threaded design and a modular
 architecture. Various plugins provide additional functionality.

strongswan-ikev1: strongswan IKEv1 daemon, transitional package

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package used to install the pluto daemon, implementing the IKEv1
 protocol. It has been replaced by charon in the strongswan-ike package.

strongswan-ikev2: strongswan IKEv2 daemon, transitional package

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package used to install the charon daemon, implementing the IKEv2
 protocol. It has been replaced the strongswan-ike package.

strongswan-nm: No summary available for strongswan-nm in ubuntu utopic.

No description available for strongswan-nm in ubuntu utopic.

strongswan-plugin-af-alg: strongSwan plugin for AF_ALG Linux crypto API interface

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the AF_ALG Linux crypto API interface plugin for
 strongSwan. It provides ciphers/hashers/hmac/xcbc.

strongswan-plugin-agent: strongSwan plugin for accessing private keys via ssh-agent

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for accessing to private keys via
 ssh-agent.

strongswan-plugin-attr-sql: No summary available for strongswan-plugin-attr-sql in ubuntu utopic.

No description available for strongswan-plugin-attr-sql in ubuntu utopic.

strongswan-plugin-certexpire: No summary available for strongswan-plugin-certexpire in ubuntu utopic.

No description available for strongswan-plugin-certexpire in ubuntu utopic.

strongswan-plugin-coupling: No summary available for strongswan-plugin-coupling in ubuntu utopic.

No description available for strongswan-plugin-coupling in ubuntu utopic.

strongswan-plugin-curl: strongSwan plugin for the libcurl based HTTP/FTP fetcher

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the libcurl based HTTP/FTP fetcher plugin for strongSwan.

strongswan-plugin-dhcp: strongSwan plugin for forwarding DHCP request to a server

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for allowing the forwarding of DHCP
 requests for virtual IP addresses to a DHCP server.

strongswan-plugin-dnscert: No summary available for strongswan-plugin-dnscert in ubuntu utopic.

No description available for strongswan-plugin-dnscert in ubuntu utopic.

strongswan-plugin-dnskey: strongSwan plugin for parsing RFC 4034 public keys

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the plugin for parsing RFC 4034 public keys for
 strongSwan.

strongswan-plugin-duplicheck: strongSwan plugin for duplicheck functionality

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for the duplicheck functionality.
 .
 The duplicheck plugin provides an advanced but very specialized peer identity
 duplicate checking. It works independent from the ipsec.conf uniqueids feature.
 .
 More information may be found at:
 http://wiki.strongswan.org/projects/strongswan/wiki/Duplicheck

strongswan-plugin-eap-aka: strongSwan plugin for generic EAP-AKA protocol handling

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for generic EAP-AKA protocol
 handling using different backends.

strongswan-plugin-eap-aka-3gpp2: No summary available for strongswan-plugin-eap-aka-3gpp2 in ubuntu utopic.

No description available for strongswan-plugin-eap-aka-3gpp2 in ubuntu utopic.

strongswan-plugin-eap-dynamic: strongSwan plugin for dynamic EAP method selection

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for EAP proxying that dynamically
 selects an EAP method requested/supported by the client.

strongswan-plugin-eap-gtc: strongSwan plugin for EAP-GTC protocol handler

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for EAP-GTC protocol handling while
 authenticating with XAuth backends.

strongswan-plugin-eap-md5: strongSwan plugin for EAP-MD5 protocol handler

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for EAP-MD5 protocol handling using
 passwords.

strongswan-plugin-eap-mschapv2: strongSwan plugin for EAP-MSCHAPv2 protocol handler

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for EAP-MSCHAPv2 protocol handling
 using passwords/NT hashes.

strongswan-plugin-eap-peap: strongSwan plugin for EAP-PEAP protocol handler

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for EAP-PEAP protocol handling,
 which wraps other EAP methods securely.

strongswan-plugin-eap-radius: No summary available for strongswan-plugin-eap-radius in ubuntu utopic.

No description available for strongswan-plugin-eap-radius in ubuntu utopic.

strongswan-plugin-eap-sim: strongSwan plugin for generic EAP-SIM protocol handling

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for generic EAP-SIM protocol
 handling using different backends.

strongswan-plugin-eap-sim-file: strongSwan plugin for EAP-SIM credentials from files

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for the EAP-SIM backend for reading
 triplets from a file.

strongswan-plugin-eap-sim-pcsc: strongSwan plugin for EAP-SIM credentials on smartcards

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for the EAP-SIM backend based on a
 PC/SC smartcard reader.

strongswan-plugin-eap-simaka-pseudonym: strongSwan plugin for the EAP-SIM/AKA identity database

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for the EAP-SIM/AKA in-memory
 pseudonym identity database.

strongswan-plugin-eap-simaka-reauth: No summary available for strongswan-plugin-eap-simaka-reauth in ubuntu utopic.

No description available for strongswan-plugin-eap-simaka-reauth in ubuntu utopic.

strongswan-plugin-eap-simaka-sql: No summary available for strongswan-plugin-eap-simaka-sql in ubuntu utopic.

No description available for strongswan-plugin-eap-simaka-sql in ubuntu utopic.

strongswan-plugin-eap-tls: No summary available for strongswan-plugin-eap-tls in ubuntu utopic.

No description available for strongswan-plugin-eap-tls in ubuntu utopic.

strongswan-plugin-eap-tnc: strongSwan plugin for the EAP-TNC protocol handler

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for EAP-TNC protocol handling,
 Trusted Network Connect in a TLS tunnel.

strongswan-plugin-eap-ttls: strongSwan plugin for the EAP-TTLS protocol handler

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for EAP-TTLS protocol handling,
 which wraps other EAP methods securely.

strongswan-plugin-error-notify: strongSwan plugin for error notifications

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the plugin for error notifications, via UNIX socket, for
 strongSwan.

strongswan-plugin-farp: strongSwan plugin for faking ARP responses

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for faking ARP responses for
 requests to a virtual IP address assigned to a peer.

strongswan-plugin-fips-prf: strongSwan plugin for PRF specified by FIPS

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for the special
 pseudo-random-function (PRF) specified by FIPS, used by EAP-SIM/AKA algorithms.

strongswan-plugin-gcrypt: No summary available for strongswan-plugin-gcrypt in ubuntu utopic.

No description available for strongswan-plugin-gcrypt in ubuntu utopic.

strongswan-plugin-gmp: strongSwan plugin for libgmp based crypto

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the crypto backend based on libgmp, which provides a
 RSA/DH plugin for strongSwan.

strongswan-plugin-ipseckey: strongSwan plugin for authentication via IPSECKEY RRs

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for authentication via IPSECKEY RRs
 protected by DNSSEC.

strongswan-plugin-kernel-libipsec: No summary available for strongswan-plugin-kernel-libipsec in ubuntu utopic.

No description available for strongswan-plugin-kernel-libipsec in ubuntu utopic.

strongswan-plugin-ldap: strongSwan plugin for LDAP CRL fetching

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for fetching CRL from ldap:// URLs.

strongswan-plugin-led: No summary available for strongswan-plugin-led in ubuntu utopic.

No description available for strongswan-plugin-led in ubuntu utopic.

strongswan-plugin-load-tester: strongSwan plugin for load testing

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the load testing plugin for strongSwan.
 .
 WARNING: Never enable the load-testing plugin on production systems. It
 provides preconfigured credentials and allows an attacker to authenticate as
 any user.

strongswan-plugin-lookip: strongSwan plugin for lookip interface

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin which provides an interface to
 query information about tunnels via the peer's virtual IP address.

strongswan-plugin-mysql: No summary available for strongswan-plugin-mysql in ubuntu utopic.

No description available for strongswan-plugin-mysql in ubuntu utopic.

strongswan-plugin-ntru: No summary available for strongswan-plugin-ntru in ubuntu utopic.

No description available for strongswan-plugin-ntru in ubuntu utopic.

strongswan-plugin-openssl: strongSwan plugin for OpenSSL

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the crypto backend based on OpenSSL for strongSwan,
 providing RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG.

strongswan-plugin-pgp: No summary available for strongswan-plugin-pgp in ubuntu utopic.

No description available for strongswan-plugin-pgp in ubuntu utopic.

strongswan-plugin-pkcs11: strongSwan plugin for PKCS#11 smartcard backend

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the PKCS#11 smartcard backend for strongSwan.

strongswan-plugin-pubkey: No summary available for strongswan-plugin-pubkey in ubuntu utopic.

No description available for strongswan-plugin-pubkey in ubuntu utopic.

strongswan-plugin-radattr: strongSwan plugin for custom RADIUS attribute processing

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin to inject and process custom RADIUS
 attributes as IKEv2 client.

strongswan-plugin-soup: strongSwan plugin for the libsoup based HTTP fetcher

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the libsoup based HTTP fetcher plugin for strongSwan.

strongswan-plugin-sql: No summary available for strongswan-plugin-sql in ubuntu utopic.

No description available for strongswan-plugin-sql in ubuntu utopic.

strongswan-plugin-sqlite: strongSwan plugin for SQLite

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the SQLite database backend plugin for strongSwan.

strongswan-plugin-sshkey: strongSwan plugin for SSH key decoding routines

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for SSH key decoding routines.

strongswan-plugin-systime-fix: No summary available for strongswan-plugin-systime-fix in ubuntu utopic.

No description available for strongswan-plugin-systime-fix in ubuntu utopic.

strongswan-plugin-unbound: strongSwan plugin for DNSSEC-enabled resolver using libunbound

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the DNSSEC enabled resolver, using libunbound for
 strongSwan.

strongswan-plugin-unity: No summary available for strongswan-plugin-unity in ubuntu utopic.

No description available for strongswan-plugin-unity in ubuntu utopic.

strongswan-plugin-whitelist: No summary available for strongswan-plugin-whitelist in ubuntu utopic.

No description available for strongswan-plugin-whitelist in ubuntu utopic.

strongswan-plugin-xauth-eap: strongSwan plugin for XAuth backend using EAP methods

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for the XAuth backend that uses
 EAP methods to verify passwords.

strongswan-plugin-xauth-generic: strongSwan plugin for the generic XAuth backend

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for the generic XAuth backend that
 provides passwords from ipsec.secrets and other credential sets.

strongswan-plugin-xauth-noauth: No summary available for strongswan-plugin-xauth-noauth in ubuntu utopic.

No description available for strongswan-plugin-xauth-noauth in ubuntu utopic.

strongswan-plugin-xauth-pam: strongSwan plugin for XAuth backend using PAM

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the strongSwan plugin for the XAuth backend that uses
 PAM modules to verify passwords.

strongswan-pt-tls-client: strongSwan TLS-based Posture Transport (PT) protocol client

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the TLS-based Posture Transport (PT) protocol client for
 strongSwan. The PT-TLS protocol carries the Network Endpoint Assessment (NEA)
 message exchange under the protection of a Transport Layer Security (TLS)
 secured tunnel.

strongswan-starter: strongSwan daemon starter and configuration file parser

 strongSwan is an IPsec-based VPN solution for Linux and other Unixes. It uses
 the native IPsec stack and runs on any recent kernel (no patching required).
 It supports both IKEv1 and the newer IKEv2 protocols.
 .
 The starter and the associated "ipsec" script control the charon daemon
 from the command line. It parses ipsec.conf and loads the configurations to
 the daemon.

strongswan-tnc-base: strongSwan Trusted Network Connect's (TNC) - base files

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the base files for strongSwan's Trusted Network
 Connect's (TNC) functionality.
 .
 strongSwan's IMC/IMV dynamic libraries can be used by any third party TNC
 client/server implementation possessing a standard IF-IMC/IMV interface.

strongswan-tnc-client: strongSwan Trusted Network Connect's (TNC) - client files

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the client functionality for strongSwan's Trusted Network
 Connect's (TNC) features.
 .
 It includes the OS, scanner, test, SWID, and attestation IMCs.

strongswan-tnc-ifmap: strongSwan plugin for Trusted Network Connect's (TNC) IF-MAP client

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides Trusted Network Connect's (TNC) IF-MAP 2.0 client.

strongswan-tnc-pdp: strongSwan plugin for Trusted Network Connect's (TNC) PDP

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides Trusted Network Connect's (TNC) Policy Decision Point
 (PDP) with RADIUS server interface.

strongswan-tnc-server: strongSwan Trusted Network Connect's (TNC) - server files

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides the server functionality for strongSwan's Trusted Network
 Connect's (TNC) features.