-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 13 Apr 2026 11:19:15 +0200
Source: strongswan
Binary: strongswan
Architecture: all
Version: 5.9.8-5+deb12u4
Distribution: bookworm-security
Urgency: medium
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Yves-Alexis Perez <corsac@debian.org>
Description:
 strongswan - IPsec VPN solution metapackage
Changes:
 strongswan (5.9.8-5+deb12u4) bookworm-security; urgency=medium
 .
   * d/patches: add fix for integer underflow in libsimaka when handling
     EAP-SIM/AKA attributes (CVE-2026-35330)
   * d/patches: add fix for integer underflow in libradius when handling RADIUS
     attributes (CVE-2026-35333)
   * d/patches: add fix for NULL-pointer dereference in libtls when handling
     ECDH public values (CVE-2026-35332)
   * d/patches: add fix for infinite loop in libtls when handling supported
     versions TLS extension (CVE-2026-35328)
   * d/patches: add fix for NULL-pointer dereference in libstrongswan (pkcs5)
     and the pkcs7 plugin when processing padding in PKCS#7 (CVE-2026-35329)
   * d/patches: add fix for acceptation of authentication certificates
     violating name constraints (CVE-2026-35331)
   * d/patches: add fix for possible NULL-pointer dereference in gmp plugin for
     RSA decryption (CVE-2026-35334)
Checksums-Sha1:
 f0e6c78127e610caae7399934b0052dd87c36034 9758 strongswan_5.9.8-5+deb12u4_all-buildd.buildinfo
 20c4005ab946126e34c0a1927ed754dd98a8b8dc 84708 strongswan_5.9.8-5+deb12u4_all.deb
Checksums-Sha256:
 c2c5d2b7ffc700ac68636b95c8c2d34a171835c4acf5ffc496458d2283aa4ca4 9758 strongswan_5.9.8-5+deb12u4_all-buildd.buildinfo
 da1f028a96c658dd119f6f700a336d672bec7c6fa26c565c194ab2ddb157597c 84708 strongswan_5.9.8-5+deb12u4_all.deb
Files:
 4dc3306424ab7e2d6960a0a3dee82366 9758 net optional strongswan_5.9.8-5+deb12u4_all-buildd.buildinfo
 f103af1b848de3473a03188e30a07ab9 84708 net optional strongswan_5.9.8-5+deb12u4_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXLxUpUHQBQBTDtd4aBVi67oXtfkFAmned9IACgkQaBVi67oX
tfkdOw/+Li4+a3TZ+6QPWG/M/mwfAQ87ifkpv0yKQKAZkBI3txeLuot6Twk3OzIB
M+/bqRzsLdOAyjK+yOcTYBujm2v8w/8lmtcz78y4YTVVZ9KsJA/eqgPCUNAuX6XM
gyd6HAl89l2pq1xUk9pOyhznmK03enggMzHJvMd69gitVNYbNuKDx/hxIUdStGB/
BViyrt7KxWAsF3AOLgM+7J8HCqlkqAxTiMLaC/Jj5ObKF26j7/7+fklAuro5XwlA
HMiJErhA0dx513kvwWqtf4vHSo6bygyNUaHfJXKrK6o66LG4+o1JmxpGtl080ysk
cijWQA7p+GFBNbyF4CIoXYkJh0ZdU4zzlpDhV/aYoQZyhOcN/Cg2J21DSGrD6WHw
GFr+DcbLbBf2LzESx+NEOIVgfr/eAtyjxccF06rCnilc3So115t7WTUXMoooJkf7
2lY/VmL8I85smOrgOXt/CgdVN+sTk6ItwNqLH1XxkYpMOuyGZn1hahP0ogsMXgHF
Sy8dAQqoc1dPJanz9w520QAdAu+liywgcQCPqBuWLH7z1dzbswAgYDcrEDHjeQhl
u8eE0v6MjFYELsXRtmHO6O6RHz902vu+rennpWUti9t+h6xFqiQnrMNyGA6kqzlV
7ORDXja7ZOFs4YjLy51EXsyD6RK1UrROwrPq2HRwk/020Jnkgm4=
=GVrh
-----END PGP SIGNATURE-----