Bugzilla – Bug 931845
VUL-1: strongswan: The Logjam Attack / weakdh.org
Last modified: 2021-06-18 07:13:03 UTC
+++ This bug was initially created as a clone of Bug #931600 +++
This bug refers to the strongswan Logjam impact.
Main issue is probably that there is a standard 1024bit MODP 1024 group
aka PTS_DH_GROUP_IKE2, and it is unclear if we can disable it.
(needs more research)
(in SLE12 fips mode, 1024bit dh is not selected for instance)
bugbot adjusting priority
So disabling the 768 group is a thing we can do with the next round of updates.
For inclusion in next strongswan maintenance update.
opensuse updates can be already submitted of course
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2017-08-21.
When done, reassign the bug to email@example.com.