Currently StrongSwan 5.9.4 is packaged in 22.01/2.6, and contains this vulnerability which was fixed in version 5.9.5.
Updated by Jim Pingle 4 months ago
- Project changed from pfSense Docs to pfSense
- Subject changed from Upgrade strongSwan to 5.9.5 or latest non-release candidate (CVE-2021-45079) to Update strongSwan
- Category changed from VPN to IPsec
- Target version set to 2.7.0
- Plus Target Version set to 22.05
- Release Notes set to Default
That vulnerability is not relevant to pfSense. It affects EAP clients, and pfSense can only act as an EAP server.
Still needs updated, but it is not a security issue.