SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libreswan-3.12-10.1.el7_1.x86_64.rpm :
Tue Jun 23 14:00:00 2015 Scientific Linux Auto Patch Process
- Eliminated rpmbuild \"bogus date\" error due to inconsistent weekday,
by assuming the date is correct and changing the weekday.

Fri May 29 14:00:00 2015 Paul Wouters - 3.12-10.1
- Resolves: rhbz#1226407 CVE-2015-3204 libreswan: crafted IKE packet causes daemon restart

Tue May 5 14:00:00 2015 Paul Wouters - 3.12-10
- Resolves: rhbz#1213652 Support CAVS [updated another prf() free symkey, bogus fips mode fix]

Tue Apr 28 14:00:00 2015 Paul Wouters - 3.12-9
- Resolves: rhbz#1213652 Support CAVS [updated to kill another copy of prf()]
- Resolves: rhbz#1208023 Libreswan with IPv6 [updated patch by Jaroslav Aster]
- Resolves: rhbz#1208022 libreswan ignores module blacklist [updated modprobe handling]

Mon Apr 20 14:00:00 2015 Paul Wouters - 3.12-8
- Resolves: rhbz#1213652 Support CAVS testing of the PRF/PRF+ functions

Mon Apr 13 14:00:00 2015 Paul Wouters - 3.12-7
- Resolves: rhbz#1208022 libreswan ignores module blacklist rules
- Resolves: rhbz#1208023 Libreswan with IPv6 in RHEL7 fails after reboot
- Resolves: rhbz#1211146 pluto crashes in fips mode

Tue Mar 17 13:00:00 2015 Paul Wouters - 3.12-6
- Resolves: rhbz#1198650 SELinux context string size limit
- Resolves: rhbz#1198649 Add new option for BSI random requirement

Tue Jan 20 13:00:00 2015 Paul Wouters - 3.12-5
- Resolves: rhbz#826264 aes-gcm implementation support (for IKEv2)
- Resolves: rhbz#1074018 Audit key agreement (integ gcm fixup)

Tue Dec 30 13:00:00 2014 Paul Wouters - 3.12-4
- Resolves: rhbz#1134297 aes-ctr cipher is not supported
- Resolves: rhbz#1131503 non-zero rSPI on INVALID_KE (and proper INVALID_KE handling)

Thu Dec 4 13:00:00 2014 Paul Wouters - 3.12-2
- Resolves: rhbz#1105171 (Update man page entry)
- Resolves: rhbz#1144120 (Update for ESP CAMELLIA with IKEv2)
- Resolves: rhbz#1074018 Audit key agreement

Fri Nov 7 13:00:00 2014 Paul Wouters - 3.12-1
- Resolves: rhbz#1136124 rebase to libreswan 3.12
- Resolves: rhbz#1052811 [TAHI] (also clear reserved flags for isakmp_sa header)
- Resolves: rhbz#1157379 [TAHI][IKEv2] IKEv2.EN.R.1.3.3.1: Non RESERVED fields in INFORMATIONAL request

Mon Oct 27 13:00:00 2014 Paul Wouters - 3.11-2
- Resolves: rhbz#1136124 rebase to libreswan 3.11 (coverity fixup, dpdaction=clear fix)

Wed Oct 22 14:00:00 2014 Paul Wouters - 3.11-1
- Resolves: rhbz#1136124 rebase to libreswan 3.11
- Resolves: rhbz#1099905 ikev2 delete payloads are not delivered to peer
- Resolves: rhbz#1147693 NetworkManger-libreswan can not connect to Red Hat IPSec Xauth VPN
- Resolves: rhbz#1055865 [TAHI][IKEv2] libreswan do not ignore the content of version bit
- Resolves: rhbz#1146106 Pluto crashes after start when some ah algorithms are used
- Resolves: rhbz#1108256 addconn compatibility with openswan
- Resolves: rhbz#1152625 [TAHI][IKEv2] IKEv2.EN.I.1.1.6.2 Part D: Integrity Algorithm AUTH_AES_XCBC_96 fail
- Resolves: rhbz#1119704 [TAHI][IKEv2]IKEv2Interop.1.13a test fail
- Resolves: rhbz#1100261 libreswan does not send response when when it receives Delete Payload for a CHILD_SA
- Resolves: rhbz#1100239 ikev2 IKE SA responder does not send delete request to IKE SA initiator
- Resolves: rhbz#1052811 [TAHI][IKEv2]IKEv2.EN.I.1.1.11.1: Non zero RESERVED fields in IKE_SA_INIT response
- Resolves: rhbz#1126868 ikev2 sequence numbers are implemented incorrectly
- Resolves: rhbz#1145245 Libreswan appears to start with systemd before all the NICs are up and running.
- Resolves: rhbz#1145231 libreswan 3.10 upgrade breaks old ipsec.secrets configs
- Resolves: rhbz#1144123 Add ESP support for AES_XCBC hash for USGv6 and IPsec-v3 compliance
- Resolves: rhbz#1144120 Add ESP support for CAMELLIA for USGv6 and IPsec-v3 compliance
- Resolves: rhbz#1099877 Missing man-pages ipsec_whack, ipsec_manual
- Resolves: rhbz#1100255 libreswan Ikev2 implementation does not send an INFORMATIONAL response when it receives an INFORMATIONAL request with a Delete Payload for an IKE_SA

Tue Sep 9 14:00:00 2014 Paul Wouters - 3.10-3
- Resolves: rhbz#1136124 rebase to 3.10 (auto=route bug on startup)

Mon Sep 8 14:00:00 2014 Paul Wouters - 3.10-2
- Resolves: rhbz#1136124 rebase to libreswan 3.10

Mon Jul 14 14:00:00 2014 Paul Wouters - 3.8-6
- Resolves: rhbz#1092047 pluto cannot write to directories not owned by root

Thu Apr 10 14:00:00 2014 Paul Wouters - 3.8-5
- Resolves: rhbz#1052834 create_child_sa message ID handling

Tue Mar 18 13:00:00 2014 Paul Wouters - 3.8-4
- Resolves: rhbz#1052834 create_child_sa response

Wed Mar 5 13:00:00 2014 Paul Wouters - 3.8-3
- Resolves: rhbz#1069024 erroneous debug line with mixture [...]
- Resolves: rhbz#1030939 update nss/x509 documents, don\'t load acerts
- Resolves: rhbz#1058813 newhostkey returns zero value when it fails

Fri Jan 24 13:00:00 2014 Daniel Mach - 3.8-2
- Mass rebuild 2014-01-24

Thu Jan 16 13:00:00 2014 Paul Wouters - 3.8-1
- Resolves: rhbz#CVE-2013-6467
- Resolves: rhbz#1043642 rebase to version 3.8
- Resolves: rhbz#1029912 ipsec force-reload doesn\'t work
- Resolves: rhbz#826261 Implement SHA384/512 support for Openswan
- Resolves: rhbz#1039655 ipsec newhostkey generates false configuration

Fri Dec 27 13:00:00 2013 Daniel Mach - 3.6-3
- Mass rebuild 2013-12-27

Fri Nov 8 13:00:00 2013 Paul Wouters - 3.6-2
- Fix race condition in post for creating nss db

Thu Oct 31 13:00:00 2013 Paul Wouters - 3.6-1
- Updated to version 3.6 (IKEv2, MODECFG, Cisco interop fixes)
- Generate empty NSS db if none exists
- FIPS update using /etc/system-fips
- Provide: openswan-doc

Fri Aug 9 14:00:00 2013 Paul Wouters - 3.5-2
- rebuilt and bumped EVR to avoid confusion of import->delete->import
- require iproute

Mon Jul 15 14:00:00 2013 Paul Wouters - 3.5-1
- Initial package for RHEL7
- Added interop patch for (some?) Cisco VPN clients sending 16 zero
bytes of extraneous IKE data
- Removed fipscheck_version


  
ICM