strongswan-ikev2 - strongSwan IKEv2 daemon, transitional package

Property Value
Distribution Ubuntu 16.04 LTS (Xenial Xerus)
Repository Ubuntu Updates Universe i386
Package filename strongswan-ikev2_5.3.5-1ubuntu3.8_all.deb
Package name strongswan-ikev2
Package version 5.3.5
Package release 1ubuntu3.8
Package architecture all
Package type deb
Category universe/net
License -
Maintainer Ubuntu Developers <>
Download size 10.78 KB
Installed size 153.00 KB
The strongSwan VPN suite uses the native IPsec stack in the standard
Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
This package used to install the charon daemon, implementing the IKEv2
protocol. It has been replaced the strongswan-ike package, so it can be safely


Package Version Architecture Repository
strongswan-ikev2_5.3.5-1ubuntu3.8_all.deb 5.3.5 all Ubuntu Updates Universe
strongswan-ikev2_5.3.5-1ubuntu3_all.deb 5.3.5 all Ubuntu Universe
strongswan-ikev2_5.3.5-1ubuntu3_all.deb 5.3.5 all Ubuntu Universe
strongswan-ikev2 - - -


Name Value
strongswan-ike -


Type URL
Binary Package strongswan-ikev2_5.3.5-1ubuntu3.8_all.deb
Source Package strongswan

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install strongswan-ikev2 deb package:
    # sudo apt-get install strongswan-ikev2




2018-09-26 - Marc Deslauriers <>
strongswan (5.3.5-1ubuntu3.8) xenial-security; urgency=medium
* SECURITY UPDATE: Insufficient input validation in gmp plugin
- debian/patches/strongswan-4.4.0-5.7.0_gmp-pkcs1-overflow.patch: fix
buffer overflow with very small RSA keys in
- CVE-2018-17540
2018-09-18 - Marc Deslauriers <>
strongswan (5.3.5-1ubuntu3.7) xenial-security; urgency=medium
* SECURITY UPDATE: Insufficient input validation in gmp plugin
- debian/patches/strongswan-5.3.1-5.6.0_gmp-pkcs1-verify.patch: don't
parse PKCS1 v1.5 RSA signatures to verify them in
- CVE-2018-16151
- CVE-2018-16152
* SECURITY UPDATE: remote denial of service
- debian/patches/strongswan-5.0.1-5.4.0_skeyseed_init.patch: properly
initialize variable in src/libcharon/sa/ikev2/keymat_v2.c.
- CVE-2018-10811
* SECURITY UPDATE: DoS in stroke plugin
- debian/patches/strongswan-5.1.2-5.6.2_stroke_msg_len.patch: ensure a
minimum message length in
- CVE-2018-5388
2017-12-18 - Christian Ehrhardt <>
strongswan (5.3.5-1ubuntu3.5) xenial; urgency=medium
* d/p/ikev1-First-do-PSK-lookups-lp1734207.patch ensure evaluation
with resolvable hostnames selects the right PSK (LP: #1734207).
2017-08-15 - Leonidas S. Barbosa <>
strongswan (5.3.5-1ubuntu3.4) xenial-security; urgency=medium
* SECURITY UPDATE: Fix RSA signature verification
- debian/patches/CVE-2017-11185.patch: does some
verifications in order to avoid null-point dereference
in src/libstrongswan/gmp/gmp_rsa_public_key.c
- CVE-2017-11185
2017-05-24 - Marc Deslauriers <>
strongswan (5.3.5-1ubuntu3.3) xenial-security; urgency=medium
* SECURITY UPDATE: Insufficient Input Validation in gmp Plugin
- debian/patches/CVE-2017-9022.patch: make sure the modulus is odd and
the exponent not zero in
- CVE-2017-9022
* SECURITY UPDATE: Incorrect Handling of CHOICE types in ASN.1 parser and
x509 plugin
- debian/patches/CVE-2017-9023.patch: fix CHOICE parsing in
- CVE-2017-9023
2017-05-03 - Christian Ehrhardt <>
strongswan (5.3.5-1ubuntu3.2) xenial; urgency=medium
* d/p/ikev2-Only-add-NAT-D-notifies-to-DPDs-as-initiator.patch: fix issue
related to DPD vs iOS10 (LP: #1687711)
2017-02-07 - Christian Ehrhardt <>
strongswan (5.3.5-1ubuntu3.1) xenial; urgency=medium
* fix strongswan ipsec status issue with apparmor (LP: #1587886)
2016-04-05 - Robie Basak <>
strongswan (5.3.5-1ubuntu3) xenial; urgency=medium
* Rebuild against libmysqlclient20.
2016-02-22 - Iain Lane <>
strongswan (5.3.5-1ubuntu2) xenial; urgency=medium
* debian/tests/plugins: rdrand may or may not be loaded, depending on the
cpu features.

See Also

Package Description
strongswan-nm_5.3.5-1ubuntu3.8_i386.deb strongSwan plugin to interact with NetworkManager
strongswan-plugin-af-alg_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for AF_ALG Linux crypto API interface
strongswan-plugin-agent_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for accessing private keys via ssh-agent
strongswan-plugin-attr-sql_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for providing IKE attributes from databases
strongswan-plugin-certexpire_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for exporting expiration dates of certificates
strongswan-plugin-coupling_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for permanent peer certificate coupling
strongswan-plugin-curl_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for the libcurl based HTTP/FTP fetcher
strongswan-plugin-dnscert_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for authentication via CERT RRs
strongswan-plugin-dnskey_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for parsing RFC 4034 public keys
strongswan-plugin-duplicheck_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for duplicheck functionality
strongswan-plugin-eap-aka-3gpp2_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for the 3GPP2-based EAP-AKA backend
strongswan-plugin-eap-aka_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for generic EAP-AKA protocol handling
strongswan-plugin-eap-dynamic_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for dynamic EAP method selection
strongswan-plugin-eap-gtc_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for EAP-GTC protocol handler
strongswan-plugin-eap-sim-file_5.3.5-1ubuntu3.8_all.deb strongSwan plugin for EAP-SIM credentials from files