SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for openswan-2.6.38-6.fc18.x86_64.rpm :
Mon Sep 10 14:00:00 2012 Avesh Agarwal - 2.6.38-6
- Fixed ipsec verify to avoid perl and use python instead. It helps
during minimum install so that openswan does not have to pull perl
packages, and it keeps minimal install really minimum. Also
Removed compilation of ipsec policy subprogram as it is not
needed with NETKEY. This patch has been provided by pwouters.

Tue Aug 21 14:00:00 2012 Avesh Agarwal - 2.6.38-5
- rhbz #771612: ipsec barf should not grep sparse file. The
patch has been provided by pwoutersAATTredhat.com.
- rhbz #785180: openswan uses ifconfig which is deprecated.
- rhbz #796683: Compile time no-strict-aliasing issue.
- rhbz #834396: Coverity scan fixes, warnings, dead code.
- rhbz #834400: NAT-OA reserved field issue.

Fri Aug 17 14:00:00 2012 Avesh Agarwal - 2.6.38-4
- Phase15 as xauth and modecfg is called in openswan is not
handled properly when only xauth (without modecfg) is used.
- dpd events and ike/sa lifetime expiry events are not created
properly when xauth is used without modecfg.
This commit addresses these issues.

Tue Aug 7 14:00:00 2012 Avesh Agarwal - 2.6.38-3
- Ikev2 changes from rhel6 to fedora
- Sha256 changes from rhel6 to fedora
- Fixed 384/512 changes from rhel6 to fedora
- Ported cisco-openswan interop changes in aggresive/main mode
- Labeld-ipsec fixes
- aes-gcm fixes in ikev1 mode
- updown netkey script changes related to updating/removing
interface ip address and routes
- Fixes related to rhbz 609343
- Fixes related to rhbz 831676

Fri Jul 20 14:00:00 2012 Fedora Release Engineering - 2.6.38-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

Mon May 14 14:00:00 2012 Avesh Agarwal - 2.6.38-1
- Fixes 806518: new upstream release
- Updated local patches

Fri Jan 13 13:00:00 2012 Fedora Release Engineering - 2.6.37-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

Fri Oct 28 14:00:00 2011 Avesh Agarwal - 2.6.37-1
- new upstream release
- fixes for cve-2011-4073

Wed Oct 26 14:00:00 2011 Marcela Mašláňová - 2.6.36-1.2
- rebuild with new gmp without compat lib

Wed Oct 12 14:00:00 2011 Peter Schiffer - 2.6.36-1.1
- rebuild with new gmp

Wed Oct 5 14:00:00 2011 Avesh Agarwal - 2.6.36-1
- new upstream release
- fixes for cve-2011-3380

Mon Sep 12 14:00:00 2011 Avesh Agarwal - 2.6.35-2
- Fixes for rhbzs #592265, #693432, #719594

Mon Aug 1 14:00:00 2011 Avesh Agarwal - 2.6.35-1
- Fixes 725371: new upstream release
- Updated local patches

Tue Jun 28 14:00:00 2011 Avesh Agarwal - 2.6.34-1
- New upstream release openswan-2.6.34
- Fixes 716145: Openswan Failed To Build From Source against
the rawhide tree
- Fixes 712037: new upstream release
- Fixes 709273: Local patch for #600174 adds bogus addresses and routes

Wed May 25 14:00:00 2011 Avesh Agarwal - 2.6.33-1
- New upstream release openswan-2.6.33
- Updated local patches
- Fixes for bz 704118: openswan-cisco interop issues
- Fixes for bz 687870: openswan-cisco interop issues
- Fixes for bz 700826: nss-tools requires issue
- Fixes for bz 656649: %ghost issue for /var/run/pluto
- Fixes for bz 679379: new upstream release
- Fixes for gcc erros, picked it from upstream commit-da9a995

Tue Feb 8 13:00:00 2011 Fedora Release Engineering - 2.6.32-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

Mon Dec 20 13:00:00 2010 Avesh Agarwal - 2.6.32-1
- New upstream release openswan-2.6.32
- Updated local patches
- Removed USE_MODP_RFC5114 as upstream enabled it by default

Wed Oct 20 14:00:00 2010 Avesh Agarwal - 2.6.31-1
- New upstream release openswan-2.6.31

Thu Sep 30 14:00:00 2010 Avesh Agarwal - 2.6.29-2
- rhbz#636572, fix to openswan default start issue

Mon Sep 27 14:00:00 2010 Avesh Agarwal - 2.6.29-1
- New upstream release
- Fixes for CVE-2010-3308 and CVE-2010-3302

Tue Sep 7 14:00:00 2010 Tomas Mraz - 2.6.28-2
- Use new fipscheck to make .hmac files placement FHS compliant

Fri Aug 13 14:00:00 2010 Avesh Agarwal - 2.6.28-1
- New upstream release
- Updated existing patches
- Changed man to man-db in Buildrequires

Fri Jul 2 14:00:00 2010 Avesh Agarwal - 2.6.27-1
- NetworkManager-openswan plugin related changes
- Fixes for bz 600167
- Fixes for bz 600174
- Fixes for bz 584224
- Updated old patches

Sat May 29 14:00:00 2010 Avesh Agarwal - 2.6.25-2
- NetworkManager-openswan plugin related changes
- Fixes for bz 584224

Mon Mar 29 14:00:00 2010 Avesh Agarwal - 2.6.25-1
- New upstream release
- Updated existing patches that could not make into this release

Thu Mar 18 13:00:00 2010 Avesh Agarwal - 2.6.24-5
- Openswan-cisco interop functionality now inlcludes the
processing of domain defintion attributes obtained from Cisco
VPN server
- Openswan client can update and restore /etc/resolv.conf file
based on the DNS information obtained Cisco VPN server
- Implementation of new Diffie-Hellman groups as in RFC 5114

Wed Mar 3 13:00:00 2010 Avesh Agarwal - 2.6.24-4
- Fixes for openswan-cisco interop functionality
- Fix for the issue of hardcoded 96 bits of hmac sha1/md5
- Fix for eliminating compile time warnings
- Fix for the issueo where ipsec help shows the list twice
(rhbz 524146, 509318)
- Implementation of ikev2 transport mode support
(rhbz 568652, 561042)
- Fix for the issue when pluto\'s child can not add routes,
related to libcan-ng (rhbz 568493, 550023)
- Fix for the issue of xauth password when read from prompt
- Some subcommad (spi, spigrp, tncfg) are not used with NETKEY,
a proper error handling has been added for this issue.
(rhbz 568648, 560596)
- Fix for Openswan-win2k issue where ports are not handled
correctly (rhbz 563779)

Thu Feb 18 13:00:00 2010 Avesh Agarwal - 2.6.24-3
- Fix for making explicit (or avoiding implicit) linking
for pthread (#565410)
- Modified package description
- Fixed a typo (IKEv2 RFC number).

Mon Feb 8 13:00:00 2010 Avesh Agarwal - 2.6.24-2
- Modified summary in spec file
- Replaced buildroot with RPM_BUILD_ROOT in spec file
- Included html files in the doc package
- Patch for disabling openswan startup at the system
boot by default

Mon Jan 11 13:00:00 2010 Avesh Agarwal - 2.6.24-1
- New upstream release
- Cisco interop patches
- Improved init script
- Fix to allow \";\" in the ike/esp parameters
- Fix to unset IKEv2 Critical flag for payloads defined in RFC 4306
- Fix to Zeroize ISAKMP and IPsec SA\'s when in FIPS mode
- Fix to the issue where Some programs were installed
twice causing .old files
- lwdns.req.log moved from /var/tmp/ to /var/run/pluto/ .
This is to avoid an SElinux AVC Denial

Wed Sep 9 14:00:00 2009 Avesh Agarwal - 2.6.23-1
- New upstream release
- Supports smartcards now
- Supports PSK with NSS
- Supports libcap-ng for lowering capabilities of pluto process
- Updated README.nss

Sat Jul 25 14:00:00 2009 Fedora Release Engineering - 2.6.22-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

Thu Jul 23 14:00:00 2009 Avesh Agarwal - 2.6.22-1
- New upstream release
- Added support for using PSK with NSS
- Fixed several warnings and undid unnecessary debug messages
- Updated README.nss with an example configuration
- Moved README.nss to openswan/doc/
- Improved FIPS integrity check functionality

Mon Jul 6 14:00:00 2009 Avesh Agarwal - 2.6.21-5
- Added support for using PSK with NSS
- Fixed several warnings and undid unnecessary comments
- Updated README.nss with an example configuration
- Fixed Openswan ASN.1 parser vulnerability (CVE-2009-2185)

Tue Apr 14 14:00:00 2009 Avesh Agarwal - 2.6.21-4
- Updated the Openswan-NSS porting to enable nss and fipscheck by default
- fipscheck requires fipscheck-devel library

Tue Apr 14 14:00:00 2009 Avesh Agarwal - 2.6.21-3
- Updated the Openswan-NSS porting to enable nss by default
- The patch includes README.nss for information about NSS usage

Mon Apr 13 14:00:00 2009 Avesh Agarwal - 2.6.21-2
- Applied patch to support NSS, currently disabled due to
dependency on rh bz #491693
- The patch also supports fips check integrity
(requires fipscheck-devel library)

Mon Mar 30 14:00:00 2009 Avesh Agarwal - 2.6.21-1
- new upstream release
- Fix for CVE-2009-0790 DPD crasher
- Fix remaining SADB_EXT_MAX -> K_SADB_EXT_MAX entries
- Fix ipsec setup --status not showing amount of tunnels with netkey

Thu Feb 26 13:00:00 2009 Fedora Release Engineering - 2.6.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

Tue Nov 25 13:00:00 2008 Avesh Agarwal - 2.6.19-1
- new upstream release

Mon Oct 13 14:00:00 2008 Avesh Agarwal - 2.6.18-2
- Addressed some issues related to buzilla 447419
- Added xmlto and bind-devel to BuildRequires
- Removed the patch openswan-2.6-noxmlto.patch
- Removed the command \"rm -rf programs/readwriteconf\" from the spec file
as readwriteconf is used with \"make check\" for debugging purposes.
- Removed USE_LWRES=false from the spec file as it has been
obsolete in upstream (using bind-devel instead)

Mon Oct 6 14:00:00 2008 Avesh Agarwal - 2.6.18-1
- new upstream release
- modified default ipsec.conf to address rhbz#463931

Fri Sep 12 14:00:00 2008 Avesh Agarwal - 2.6.16-2
- added initscript patch to prevent openswan service start by default

Tue Sep 9 14:00:00 2008 Avesh Agarwal - 2.6.16-1
- new upstream release

Sat Jul 5 14:00:00 2008 Steve Grubb - 2.6.15-1
- new upstream release

Fri Jun 6 14:00:00 2008 Steve Grubb - 2.6.14-1
- new upstream release

Tue Mar 18 13:00:00 2008 Steve Conklin - 2.6.09-2
- removing patch - using upstream init script as is

Wed Mar 12 13:00:00 2008 Steve Conklin - 2.6.08-1
- Moved to latest upstream
- Replaced the init script source file with a patch to the upstream one
- (no functional changes to the init script)
- Added protostack=netkey to ipsec.conf
- New patch to include definition of HOST_NAME_MAX

Mon Feb 11 13:00:00 2008 Steve Conklin - 2.6.07-1
- Moved to latest upstream

Thu Feb 7 13:00:00 2008 Steve Conklin - 2.6.05-1
- Removed check for selinux enforcing mode in verify script
- Moved to latest upstream

Mon Jan 28 13:00:00 2008 Steve Conklin - 2.6.04-1
- Move to new upstream source

Thu Jan 24 13:00:00 2008 Steve Conklin - 2.6.03-9
- Added af_key module load to init script
- Removed spurious warning about interfaces=

Mon Jan 21 13:00:00 2008 Steve Conklin - 2.6.03-8
Related: rhbz#235224
- rpmdiff spotted these:
- Cleaned out unused man page
- patch error in barf script

Fri Jan 18 13:00:00 2008 Steve Conklin - 2.6.03-7
- Addressed the last set of small changes for package review

Thu Jan 17 13:00:00 2008 Steve Conklin - 2.6.03-6
- Moved everything else out of /usr/lib
- Added tmraz\'s patch to remove extra slashes in makefile
- Removed macros from changelog entries

Thu Jan 17 13:00:00 2008 Steve Conklin - 2.6.03-5
- Removed userland macros from spec file

Thu Jan 17 13:00:00 2008 Steve Conklin - 2.6.03-4
- Removed use of xmlto and the BuildRequires
- moved scripts from /usr/lib to /usr/libexec
- removed man3 pages for libopenswan functions (we don\'t deliver)

Wed Jan 16 13:00:00 2008 Steve Conklin - 2.6.03-3
- Removed _smp_mflags macro from from the spec file build section
- Added BuildRequires for xmlto
- Changed License from GPL to GPL+
- removed klips ifdefs from spec file
- Added patch to move example configs to doc dir
- Added a patch to make the link to init script relative,
for chroot environments

Fri Jan 11 13:00:00 2008 Steve Conklin - 2.6.03-2
- Removed copy of file that no longer exists

Fri Jan 11 13:00:00 2008 Steve Conklin - 2.6.03-1
- Latest upstream tarball, includes fixes

Thu Jan 10 13:00:00 2008 Steve Conklin - 2.6.02-2
- Rebase to 2.6.02, add initial ikev2 support

Mon Sep 17 14:00:00 2007 Steve Conklin - 2.4.9-2
- Forgot changelog on last entry

Mon Sep 17 14:00:00 2007 Steve Conklin - 2.4.9-1
- sync to upstream latest

Tue Mar 20 13:00:00 2007 Florian La Roche - 2.4.7-3
- do not use epoch macro, it is unset

Wed Feb 28 13:00:00 2007 Harald Hoyer - 2.4.7-2
- specfile review

Fri Jan 26 13:00:00 2007 Harald Hoyer - 2.4.7-1
- removed key generation from install phase
- version 2.4.7

Wed Jul 12 14:00:00 2006 Jesse Keating - 2.4.5-2.1
- rebuild

Wed May 17 14:00:00 2006 Harald Hoyer - 2.4.5-2
- fixed typo (bug #191930)

Fri May 5 14:00:00 2006 Harald Hoyer - 2.4.5-1
- version 2.4.5

Fri Feb 10 13:00:00 2006 Jesse Keating - 2.4.4-1.1.2.1
- bump again for double-long bug on ppc(64)

Tue Feb 7 13:00:00 2006 Jesse Keating - 2.4.4-1.1.2
- rebuilt for new gcc4.1 snapshot and glibc changes

Fri Dec 9 13:00:00 2005 Jesse Keating
- rebuilt

Fri Nov 18 13:00:00 2005 Harald Hoyer - 2.4.4-1.1
- version 2.4.4
- fixes NISCC Vulnerability Advisory 273756/NISCC/ISAKMP
- fixes NISCC Advisory 3756/NISCC/ISAKMP

Wed Nov 2 13:00:00 2005 Harald Hoyer - 2.4.2-0.dr5.1
- version 2.4.2dr5

Tue Oct 25 14:00:00 2005 Harald Hoyer - 2.4.2-0.dr1.1
- version 2.4.2dr1

Tue Sep 13 14:00:00 2005 Harald Hoyer - 2.4.0-1
- version 2.4.0

Wed Aug 31 14:00:00 2005 Harald Hoyer - 2.4.0-0.rc4.1
- new version

Sun Jul 31 14:00:00 2005 Florian La Roche
- remove sysv startup links to build with current rpm

Thu May 12 14:00:00 2005 Harald Hoyer - 2.3.1-3
- added openswan-2.3.1-nat_t_aggr.patch
- added openswan-2.3.1-iproute2.patch
- added openswan-2.3.1-cisco.patch
- NAT-T/XAUTH/AGGR-MODE is now possible with a Cisco VPN 3000

Wed Apr 27 14:00:00 2005 Harald Hoyer - 2.3.1-2
- added Requires(post) of coreutils bash (bug 155699)
- added Requires(preun) initscripts chkconfig

Wed Apr 13 14:00:00 2005 Harald Hoyer - 2.3.1-1
- version 2.3.1

Mon Apr 4 14:00:00 2005 Jeremy Katz - 2.3.0-6
- remove some duplicate copies of the docs

Wed Mar 2 13:00:00 2005 Harald Hoyer
- rebuilt

Mon Feb 21 13:00:00 2005 Harald Hoyer - 2.3.0-4
- fixed bug rh#149164

Fri Feb 18 13:00:00 2005 Harald Hoyer - 2.3.0-3
- patched code to compile with gcc4

Fri Jan 14 13:00:00 2005 Harald Hoyer - 2.3.0-2
- Do not enable the initscript per default

Tue Jan 11 13:00:00 2005 Harald Hoyer - 2.3.0-1
- version 2.3.0
- reimported specfile
- PIEd openswan
- cleaned up initial config files and added include directives
for easy config drop in

Wed Jan 5 13:00:00 2005 Paul Wouters
- Updated for x86_64 and klips on 2.6

Tue Nov 2 13:00:00 2004 Dan Walsh - 2.1.5-3
- Apply selinux patch

Thu Oct 21 14:00:00 2004 Bill Nottingham - 2.1.5-2
- don\'t run by default. again.

Wed Oct 13 14:00:00 2004 Harald Hoyer - 2.1.5-1
- added selinux patch from Daniel Walsh
- initscript now uses translated strings
- version 2.1.5 with minor fixes

Tue Sep 21 14:00:00 2004 Harald Hoyer - 2.1.4-7
- added more build reqs (bug #132877)

Thu Sep 9 14:00:00 2004 Bill Nottingham - 2.1.4-6
- don\'t run by default
- don\'t create/chmod directories in %post, just include them with the
right perms
- fix debuginfo
- fix docs

Mon Aug 23 14:00:00 2004 Jason Vas Dias - 2.1.4-5
- Added debuginfo package

Mon Aug 23 14:00:00 2004 Jason Vas Dias - 2.1.4-4
- Install man-pages
- Fix initscript \'fail()\' func to write newline before failure()

Thu Aug 19 14:00:00 2004 Jason Vas Dias - 2.1.4-3
- Fix \'service ipsec status\' output

Wed Aug 18 14:00:00 2004 Jason Vas Dias - 2.1.4-2
- Normalize initscripts for Red Hat and add translation string support

Tue Aug 17 14:00:00 2004 Harald Hoyer - 2.1.4-1
- initial import

Tue May 25 14:00:00 2004 Ken Bantoft
- Initial version, based on FreeS/WAN .spec


  
ICM