-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 06 Oct 2022 09:36:12 +0200 Source: strongswan Architecture: source Version: 5.9.1-1+deb11u3 Distribution: bullseye-security Urgency: medium Maintainer: strongSwan Maintainers <pkg-swan-devel@lists.alioth.debian.org> Changed-By: Yves-Alexis Perez <corsac@debian.org> Closes: 1021271 Changes: strongswan (5.9.1-1+deb11u3) bullseye-security; urgency=medium . * d/p/0009-credential-manager-Do-online-revocation-checks-only- added. Fix CVE-2022-40617, denial of service due to revocation plugin potentially using untrusted OCSP URIs and CRL distribution in certificates (Closes: #1021271) Checksums-Sha1: 9d6dd43832548ef34edfbe2aaebd77d9bf60d3fa 3269 strongswan_5.9.1-1+deb11u3.dsc 040d736420a525cb93483b43461fe1518e545e94 121408 strongswan_5.9.1-1+deb11u3.debian.tar.xz 23f1a20b9a6e2c5ee7404806f960ecd046bb1ab8 18227 strongswan_5.9.1-1+deb11u3_amd64.buildinfo Checksums-Sha256: 2cdbb1b38c018aa57e525a6da50c29b3b9ab5ed3cfe1a0d27f3d44bb7a35fc00 3269 strongswan_5.9.1-1+deb11u3.dsc 0cffb530190c68712d2f946be1b5ad7604b9ab80f174c01c7beb1d89f5cae3f1 121408 strongswan_5.9.1-1+deb11u3.debian.tar.xz 099798a93f94575e010dd90a231ff5bfa4f4bfbbcdac8908d2fd84b7308690f4 18227 strongswan_5.9.1-1+deb11u3_amd64.buildinfo Files: eddc77983446957093fd5eb4e22513d3 3269 net optional strongswan_5.9.1-1+deb11u3.dsc 632248b918c7777665666eca2b5a9b39 121408 net optional strongswan_5.9.1-1+deb11u3.debian.tar.xz 71c9506c454e100521c9e1ce5ade62f6 18227 net optional strongswan_5.9.1-1+deb11u3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmM+h9sACgkQ3rYcyPpX RFsckwf/WmqjY080Zz8Af20ZxWlH81a+fMFyCGssxPeM1ELIKh4fzRwMxAsDv9Q4 +wVJu+YzjjVKwEzA3ImoP2TdEFjk1HkudWHOchxyPM32i6Z1+4t+dOMzygQNizGu CU46lk4fWa8VH/KXsDI8R49QHqFO8NrjZ/vIbPKeei6NBmkq3u3rwxMuNUZ557qL nRgs29NvIOLRaSz37mTUJzpQDK+I52LGo1qM7PhaoOrLrzSe+BZRIuDqLu7kdd51 FjM76zr4mPQXoDZImu/5PE+5k6CO/H+4gYWHQSjLNkWesx+rZizP6ijQEiIZXbx4 MXo7oUH5tItRY8tN7Fs5qnc4IhPewQ== =eFI+ -----END PGP SIGNATURE-----
