[3.7] strongswan: heap buffer overflow using crafted certificates (CVE-2018-17540)
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a
crafted certificate,
the vulnerability was introduced with the patch that fixes
CVE-2018-16151/2.
References:
https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
https://nvd.nist.gov/vuln/detail/CVE-2018-17540
(from redmine: issue id 9517, created on 2018-10-08, closed on 2018-10-09)
- Relations:
- parent #9515 (closed)
- Changesets:
- Revision e043f436 on 2018-10-08T13:26:31Z:
main/strongswan: security fix (CVE-2018-17540)
Fixes #9517