[Openswan Users] Openswan 2.6.45 released

Simon Deziel simon at xelerance.com
Thu Aug 27 12:52:21 EDT 2015

Xelerance has released Openswan 2.6.45

This release addresses CVE-2015-3240 (IKE DoS when using NSS).

The vulnerability was found by The Libreswan Team. For more information:


You can download Openswan at:


Please report bugs either via one of the mailing lists or at our bug


See also https://www.openswan.org/

v2.6.45 (August 27, 2015)
  This release fixes CVE-2015-3240 (IKE DoS)

 * Minor compile tweaks that were missed at cottage [MCR]
 * Possible fix for CVE-2015-3240: if KE payload is 0, then
   exponentiation fails, tripping a passert for nss [MCR]

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 966 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openswan.org/pipermail/users/attachments/20150827/cb350468/attachment.sig>

More information about the Users mailing list