Thank you!
> On 15 Dec 2025, at 16:59, Adolf Belka <[email protected]> wrote:
>
> Hi Michael,
>
> On 15/12/2025 17:43, Michael Tremer wrote:
>> Hello list,
>> Would someone be happy to grab this one?
>
> Yes, I will pick it up.
>
> Regards
> Adolf.
>
>> -Michael
>>> Begin forwarded message:
>>>
>>> *From: *Tobias Brunner <[email protected]>
>>> *Subject: **[strongswan/strongswan] Release 6.0.4 - strongSwan 6.0.4*
>>> *Date: *12 December 2025 at 16:07:50 GMT
>>> *To: *strongswan/strongswan <[email protected]>
>>> *Cc: *Subscribed <[email protected]>
>>> *Reply-To: *strongswan/strongswan <[email protected]>
>>>
>>>
>>> strongSwan 6.0.4
>>> <https://github.com/strongswan/strongswan/releases/tag/6.0.4>
>>>
>>> Repository: strongswan/strongswan
>>> <https://github.com/strongswan/strongswan> · Tag: 6.0.4
>>> <https://github.com/strongswan/strongswan/tree/6.0.4> · Commit: f795049
>>> <https://github.com/strongswan/strongswan/commit/f79504994ae210904f5517abe195cccfa44843ba>
>>> · Released by: tobiasbrunner <https://github.com/tobiasbrunner>
>>>
>>>
>>> Vulnerabilities
>>>
>>> * Fixed a vulnerability in the NetworkManager plugin
>>> <https://docs.strongswan.org/docs/latest/features/networkManager.html> that
>>> potentially allows using credentials of other local users. This
>>> vulnerability has been registered as CVE-2025-9615
>>> <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9615>. Please
>>> refer to our blog
>>> <https://www.strongswan.org/blog/2025/12/12/strongswan-vulnerability-(cve-2025-9615).html>
>>> for details.
>>>
>>>
>>> Enhancements and Optimizations
>>>
>>> * Concurrent requests to fetch the same CRL URI by multiple threads are
>>> now combined by the |revocation| plugin (#2918
>>> <https://github.com/strongswan/strongswan/pull/2918>). Only the first
>>> thread actually fetches it, the others wait for that result. This is
>>> particularly helpful if the CRL can currently not be fetched due to DNS or
>>> HTTP/LDAP timeouts as it avoids that each thread has to wait individually,
>>> reducing the number of SAs that can concurrently be established as threads
>>> are blocked longer. A negative result is cached for a while (currently 30
>>> seconds) so requests can fail quickly and threads can continue establishing
>>> SAs if they use a relaxed revocation policy.
>>> * The maximum supported length for section names in swanctl.conf has been
>>> increased to the upper limit of 256 characters that's enforced by VICI
>>> (#2936 <https://github.com/strongswan/strongswan/issues/2936>).
>>>
>>>
>>> Fixes
>>>
>>> * Prevent a crash if a confused peer rekeys a Child SA twice before
>>> sending a delete (#2945
>>> <https://github.com/strongswan/strongswan/issues/2945>).
>>> * Fixed a memory leak if a peer's self-signed certificate is untrusted
>>> (#2954 <https://github.com/strongswan/strongswan/pull/2954>).
>>>
>>> Refer to the 6.0.4 milestone
>>> <https://github.com/strongswan/strongswan/milestone/17?closed=1> for a list
>>> of all closed issues and pull requests.
>>>
>>> —
>>>
>>> This release has 8 assets:
>>>
>>> * NetworkManager-strongswan-1.6.4.tar.bz2
>>> * NetworkManager-strongswan-1.6.4.tar.bz2.sig
>>> * strongswan-6.0.4.tar.bz2
>>> * strongswan-6.0.4.tar.bz2.sig
>>> * strongswan-6.0.4.tar.gz
>>> * strongswan-6.0.4.tar.gz.sig
>>> * Source code (zip)
>>> * Source code (tar.gz)
>>>
>>> Visit the release page
>>> <https://github.com/strongswan/strongswan/releases/tag/6.0.4> to download
>>> them.
>>>
>>> —
>>> You are receiving this because you are watching this repository.
>>> View it on GitHub
>>> <https://github.com/strongswan/strongswan/releases/tag/6.0.4> or
>>> unsubscribe
>>> <https://github.com/strongswan/strongswan/unsubscribe_via_email/ABQGVES62Q2DV45QXF7P5XL4BLR5NANCNFSM4AAPXRBQ>
>>> from all notifications for this repository.
>>>
>
>
