Outstanding CVEs - StrongSwan
In progress, HighPublicBUG

Details

Difficulty level
Hard (possibly days)
Version
1.1.7
Why the issue appeared?
Will be filled on close
syncer created this task.Aug 19 2017, 2:27 AM
syncer triaged this task as High priority.Aug 19 2017, 2:40 AM

The CVSS score of CVE-2015-4171 is low, and it needs a valid certificate for attack. Can we ignore CVE-2015-4171?

Packages for testing:

Hey @higebu!
agree on CVE-2015-4171

@dmbaturin moving build system to other host due to space restrictions

@syncer I guess we need Squeeze host for building packages. But if we use pbuilder, we can build packages on Jessie.
Example script is here: https://gist.github.com/higebu/139c786fab3c88113d54eef16b462655

I installed squeeze, think @dmbaturin will add it to CI once it ready

higebu changed the task status from Open to In progress.Aug 20 2017, 3:23 PM
higebu claimed this task.