[3.6] strongswan: heap buffer overflow using crafted certificates (CVE-2018-17540)
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a
crafted certificate,
the vulnerability was introduced with the patch that fixes
CVE-2018-16151/2.
References:
https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
https://nvd.nist.gov/vuln/detail/CVE-2018-17540
(from redmine: issue id 9518, created on 2018-10-08, closed on 2018-10-09)
- Relations:
- parent #9515 (closed)
- Changesets:
- Revision 1cb8f327 on 2018-10-08T13:37:03Z:
main/strongswan: security fix (CVE-2018-17540)
Fixes #9518