It's said libreswan 3.12 have bug and have to upgrade to 3.13. how to update vyos's ?


#1

https://libreswan.org/

June 1st, 2015: CVE-2015-3204: malicious payload causing IKE daemon restart

Libreswan 3.9 to 3.12 is vulnerable to unauthenticated packets with a malicious payload causing the daemon to hit a passert() and restart. See our CVE-2015-3204 page for details. No remote code execution is possible. Please upgrade libreswan to version 3.13 or later.


sorry , I make mistatk.
I use centos together with VYOS.
the centos 7’s libreswan should update.
VYOS use strongSwan…
so , nothing should do to VYOS