<!doctype html>
<html lang=en>
<meta charset=utf-8>
<title>OpenIKED Security</title>
<meta name="description" content="OpenIKED advisories">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="openbsd.css">
<link rel="canonical" href="https://www.openiked.org/security.html">
<h2 id=OpenBSD>
<a href="/">
<i>Open</i><b>IKED</b></a>
Security
</h2>
<hr>
<p>
OpenIKED is developed with the same rigorous security process that the
OpenBSD group is famous for. If you wish to report a security issue in
OpenIKED, please contact the OpenBSD project.
For more information, see the
<a href="https://www.openbsd.org/security.html#reporting">OpenBSD Security page</a>.
<ul>
<li><p><b>July 27, 2020</b><br>
All versions of OpenIKED in OpenBSD through 6.7 were vulnerable to an
authentication bypass due to incorrect use of the EVP_PKEY_cmp() function.
<p>
For more information see
<a href=https://ftp.openbsd.org/pub/OpenBSD/patches/6.7/common/014_iked.patch.sig>
the OpenBSD source code patch.</a>
<br>
This bug is corrected in OpenBSD's current and stable branches. Binary updates
for OpenBSD 6.6 and OpenBSD 6.7 can be obtained with the
<a href=https://man.openbsd.org/syspatch>syspatch(8)</a> utility.
</ul>
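<p>
The advisory names EVP_PKEY_cmp() but does not say how it was misused. The following added example, which is not code from OpenIKED or from the OpenBSD patch, shows why the function's documented return values (1 match, 0 mismatch, -1 different key types, -2 operation not supported) make a plain truthiness test unsafe. The names <code>toy_key</code>, <code>toy_pkey_cmp</code>, <code>peer_key_ok_weak</code>, <code>peer_key_ok_strict</code> and the sample keys are constructed stand-ins, so the block runs without libcrypto.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a public key; not an OpenSSL type. */
enum { TYPE_OPAQUE = 0, TYPE_RSA = 1, TYPE_EC = 2 };
struct toy_key {
    int type;
    unsigned char bits[4];    /* constructed key material */
};

/* Hypothetical stand-in that follows the EVP_PKEY_cmp() return convention:
 * 1 match, 0 mismatch, -1 different key types, -2 operation not supported. */
static int toy_pkey_cmp(const struct toy_key *a, const struct toy_key *b)
{
    if (a->type != b->type)
        return -1;
    if (a->type == TYPE_OPAQUE)
        return -2;
    return memcmp(a->bits, b->bits, sizeof(a->bits)) == 0 ? 1 : 0;
}

/* Weak check: any non-zero result, including -1 and -2, counts as a match. */
static int peer_key_ok_weak(const struct toy_key *peer, const struct toy_key *trusted)
{
    return toy_pkey_cmp(peer, trusted) ? 1 : 0;
}

/* Hardened check: only the explicit "keys match" value is accepted. */
static int peer_key_ok_strict(const struct toy_key *peer, const struct toy_key *trusted)
{
    return toy_pkey_cmp(peer, trusted) == 1;
}

/* Constructed sample keys. */
static const struct toy_key rsa_trusted = { TYPE_RSA, { 0xde, 0xad, 0xbe, 0xef } };
static const struct toy_key rsa_same    = { TYPE_RSA, { 0xde, 0xad, 0xbe, 0xef } };
static const struct toy_key rsa_other   = { TYPE_RSA, { 0x01, 0x02, 0x03, 0x04 } };
static const struct toy_key ec_other    = { TYPE_EC,  { 0x01, 0x02, 0x03, 0x04 } };

int main(void)
{
    printf("same RSA key:   weak=%d strict=%d\n",
        peer_key_ok_weak(&rsa_same, &rsa_trusted), peer_key_ok_strict(&rsa_same, &rsa_trusted));
    printf("other RSA key:  weak=%d strict=%d\n",
        peer_key_ok_weak(&rsa_other, &rsa_trusted), peer_key_ok_strict(&rsa_other, &rsa_trusted));
    printf("EC vs RSA key:  weak=%d strict=%d\n",
        peer_key_ok_weak(&ec_other, &rsa_trusted), peer_key_ok_strict(&ec_other, &rsa_trusted));
    return 0;
}
```

When auditing callers of EVP_PKEY_cmp(), treat every comparison that is not an explicit <code>== 1</code> (or <code>!= 1</code> on the failure path) as a finding to review.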