OpenIKED is developed with the same rigorous security process that the OpenBSD group is famous for. If you wish to report a security issue in OpenIKED, please contact the OpenBSD project. For more information, see the OpenBSD Security page.
July 27, 2020
All versions of OpenIKED in OpenBSD through 6.7 were vulnerable to an authentication bypass due to incorrect use of the EVP_PKEY_cmp() function.
For more information see
the OpenBSD source code patch.
This bug is corrected in OpenBSD's current and stable branches. Binary updates for OpenBSD 6.6 and OpenBSD 6.7 can be obtained with the syspatch(8) utility.