Applying their fuzzing tool, the Orange Labs vulnerability research team found a Denial-of-Service vulnerability in the parsing of ASN.1 UTCTIME and GENERALIZEDTIME strings. Malformed X.509 certificate time strings can cause the pluto IKE daemon to crash and restart. Apply to strongSwan releases 2.2.0 to 2.8.9