strongSwan security team reports:
If the openssl plugin is used for ECDSA signature verification an empty, zeroed or otherwise invalid signature is handled as a legitimate one. Both IKEv1 and IKEv2 are affected. Affected are only installations that have enabled and loaded the OpenSSL crypto backend (--enable-openssl). Builds using the default crypto backends are not affected.