strongswan - IPsec VPN solution metapackage

Property Value
Distribution Ubuntu 14.04 LTS (Trusty Tahr)
Repository Ubuntu Updates Main amd64
Package name strongswan
Package version 5.1.2
Package release 0ubuntu2.8
Package architecture all
Package type deb
Installed size 184 B
Download size 29.06 KB
Official Mirror
The strongSwan VPN suite is based on the IPsec stack in standard Linux
kernels. It supports both the IKEv1 and IKEv2 protocols.
This metapackage installs the packages required to maintain IKEv1 and IKEv2
connections via ipsec.conf or ipsec.secrets.


Package Version Architecture Repository
strongswan_5.1.2-0ubuntu2.8_all.deb 5.1.2 all Ubuntu Updates Main
strongswan_5.1.2-0ubuntu2_all.deb 5.1.2 all Ubuntu Main
strongswan_5.1.2-0ubuntu2_all.deb 5.1.2 all Ubuntu Main
strongswan - - -


Name Value
strongswan-ike -


Type URL
Binary Package strongswan_5.1.2-0ubuntu2.8_all.deb
Source Package strongswan

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install strongswan deb package:
    # sudo apt-get install strongswan




2018-03-14 - Trent Lloyd <>
strongswan (5.1.2-0ubuntu2.8) trusty; urgency=medium
* d/control: Add Conflicts from strongswan-starter to openswan to
avoid file conflict on upgrade. (LP: #1755693)
2017-08-15 - Leonidas S. Barbosa <>
strongswan (5.1.2-0ubuntu2.7) trusty-security; urgency=medium
* SECURITY UPDATE: Fix RSA signature verification
- debian/patches/CVE-2017-11185.patch: does some
verifications in order to avoid null-point dereference
in src/libstrongswan/gmp/gmp_rsa_public_key.c
- CVE-2017-11185
2017-05-24 - Marc Deslauriers <>
strongswan (5.1.2-0ubuntu2.6) trusty-security; urgency=medium
* SECURITY UPDATE: Insufficient Input Validation in gmp Plugin
- debian/patches/CVE-2017-9022.patch: make sure the modulus is odd and
the exponent not zero in
- CVE-2017-9022
* SECURITY UPDATE: Incorrect Handling of CHOICE types in ASN.1 parser and
x509 plugin
- debian/patches/CVE-2017-9023.patch: fix CHOICE parsing in
- CVE-2017-9023
2016-10-05 - Nishanth Aravamudan <>
strongswan (5.1.2-0ubuntu2.5) trusty; urgency=medium
* debian/patches/fix_reauth_crash.patch: auth-cfg: Fix crash after
several reauthentications with multiple authentication rounds.
Thanks to Tobias Brunner <>.
Closes LP: #1629241.
2015-11-11 - Marc Deslauriers <>
strongswan (5.1.2-0ubuntu2.4) trusty-security; urgency=medium
* SECURITY UPDATE: authentication bypass in eap-mschapv2 plugin
- debian/patches/CVE-2015-8023.patch: only succeed authentication if
MSK was established in
- CVE-2015-8023
2015-06-04 - Marc Deslauriers <>
strongswan (5.1.2-0ubuntu2.3) trusty-security; urgency=medium
* SECURITY UPDATE: user credential disclosure to rogue servers
- debian/patches/CVE-2015-4171.patch: enforce remote authentication
config before proceeding with own authentication in
- CVE-2015-4171
2014-12-19 - Tyler Hicks <>
strongswan (5.1.2-0ubuntu2.2) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via DH group 1025
- debian/patches/CVE-2014-9221.patch: define MODP_CUSTOM outside of
IKE DH range in src/libstrongswan/crypto/diffie_hellman.c,
- CVE-2014-9221
2014-04-14 - Marc Deslauriers <>
strongswan (5.1.2-0ubuntu2) trusty; urgency=medium
* SECURITY UPDATE: remote authentication bypass
- debian/patches/CVE-2014-2338.patch: reject CREATE_CHILD_SA exchange
on unestablished IKE_SAs in src/libcharon/sa/ikev2/task_manager_v2.c.
- CVE-2014-2338
2014-03-01 - Jonathan Davies <>
strongswan (5.1.2-0ubuntu1) trusty; urgency=low
* New upstream release.
2014-02-19 - Jonathan Davies <>
strongswan (5.1.2~rc2-0ubuntu2) trusty; urgency=low
* debian/ipsec.secrets.proto: Removed reference.
* debian/usr.lib.ipsec.charon: Allow read access to /run/charon.

See Also

Package Description
subversion-tools_1.8.8-1ubuntu3.3_all.deb Assorted tools related to Apache Subversion
subversion_1.8.8-1ubuntu3.3_amd64.deb Advanced version control system
sudo_1.8.9p5-1ubuntu1.4_amd64.deb Provide limited super user privileges to specific users
sunpinyin-data_0.1.22+20131212-0ubuntu0.14.04.1_amd64.deb Statistical language model data from open-gram
swift-account_1.13.1-0ubuntu1.5_all.deb distributed virtual object store - account server
swift-container_1.13.1-0ubuntu1.5_all.deb distributed virtual object store - container server
swift-doc_1.13.1-0ubuntu1.5_all.deb distributed virtual object store - documentation
swift-object_1.13.1-0ubuntu1.5_all.deb distributed virtual object store - object server
swift-proxy_1.13.1-0ubuntu1.5_all.deb distributed virtual object store - proxy server
system-config-kickstart_2.5.20-0ubuntu23.1_all.deb graphical tool for creating Kickstart files
system-config-printer-common_1.4.3+20140219-0ubuntu2.6_all.deb Printer configuration GUI
system-config-printer-gnome_1.4.3+20140219-0ubuntu2.6_all.deb Printer configuration GUI
system-config-printer-udev_1.4.3+20140219-0ubuntu2.6_amd64.deb Printer auto-configuration facility based on udev
systemd-services_204-5ubuntu20.28_amd64.deb systemd runtime services
systemd_204-5ubuntu20.28_amd64.deb system and service manager