[3.8] strongswan: heap buffer overflow using crafted certificates (CVE-2018-17540)
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a
crafted certificate,
the vulnerability was introduced with the patch that fixes
CVE-2018-16151/2.
References:
https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html
https://nvd.nist.gov/vuln/detail/CVE-2018-17540
(from redmine: issue id 9516, created on 2018-10-08, closed on 2018-10-09)
- Relations:
- parent #9515 (closed)
- Changesets:
- Revision 5bf14e0f on 2018-10-08T13:10:26Z:
main/strongswan: security fix (CVE-2018-17540)
Fixes #9516