Page MenuHomeVyOS Platform

Update to StrongSwan 5.9.11
Closed, ResolvedPublic


Update StrongSwan to 5.9.11

Currently we are using 5.9.8, and there is some security fixed is 5.9.10 related to certificate validation.
But since 5.9.11 has been released, and fixes some regressions introduced in 5.9.10, I have selected that as the target version instead.


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Package upgrade

Event Timeline

fernando triaged this task as Normal priority.Nov 17 2023, 5:42 PM
fernando changed the task status from Open to Needs testing.Nov 17 2023, 6:01 PM
fernando added a subscriber: fernando.

Do you tested it ? using our current rolling-release

Hey @fernando - yes, I tested it with two routers in a test environment, with the following setup:

It works the same as the existing version included in the current rolling release iso.

1.4 and 1.5 run on strongswan 5.9.11

c-po assigned this task to GurliGebis.
c-po moved this task from Need Triage to 1.4.0-epa1 on the VyOS 1.4 Sagitta board.
c-po edited projects, added VyOS 1.4 Sagitta (1.4.0-epa1); removed VyOS 1.4 Sagitta.
c-po moved this task from Backport Candidates to Finished on the VyOS 1.5 Circinus board.
c-po moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-epa1) board.