SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ipsec-tools-debuginfo-0.8.0-11.1.x86_64.rpm :

* Wed Oct 05 2016 jbohacAATTsuse.cz- fix_plog_initialization.patch (bsc#1002216) Move logging initialization up to prevent crash with -l.
* Fri Mar 04 2016 dbondAATTsuse.de- (bsc#968926) add /usr/bin/systemd-tmpfiles --create %{_tmpfilesdir}/racoon.conf || : to %post section of .spec file to cause the creation of the /run/racoon directory upon rpm installation.
* Tue Jun 09 2015 meissnerAATTsuse.com- racoon.psk.patch: disabled one IP entry from the examples.
* Fri May 22 2015 jbohacAATTsuse.com- fix-gssapi-null-dereference.patch: Fix a GSSAPI NULL pointer dereference in racoon (bsc#931989, CVE-2015-4047)
* Thu Apr 23 2015 meissnerAATTsuse.com- racoon-fips-rsa.patch: Increase minimum RSA exponent to RSA_F4 aka 65537 (mandated by FIPS 140-2). bsc#928313
* Mon Jan 19 2015 meissnerAATTsuse.com- racoon-no-md5.patch: Use sha1 instead of md5 during hashing received packets to allow FIPS usage. allow md5 during vendor id hashing, as this seems to be come from over the wire. bsc#905780
* Tue Jul 08 2014 meissnerAATTsuse.com- ipsec-tools-0.8.0-certasn1txtbroken.patch: disable the certificate test in src/racoon/eaytest.c as the internal X.509 ASN.1 string presentation was changed in openssl and the test currently does not work.
* Thu Mar 13 2014 jbohacAATTsuse.cz- add RemainAfterExit=yes to the .service file (bnc#856625)
* Fri Jan 10 2014 jbohacAATTsuse.cz- upgrade to version 0.8.0: o Fix authentication method ambiguity with kerberos and xauth o RFC2253 compliant escaping of asn1dn identifiers (Cyrus Rahman) o Local address code rewrite to speed things up o Improved MIPv6 support (Arnaud Ebalard) o ISAKMP SA (phase1) rekeying o Improved scheduler (faster algorithm, support monotonic clock) o Handle RESPONDER-LIFETIME in quick mode o Handle INITIAL-CONTACT in from main mode too o Rewritten event handling framework for admin port o Ability to initiate IPsec SA through admin port o NAT-T Original Address handling (transport mode NAT-T support) o clean NAT-T - PFkey support o support for multiple anonymous remoteconfs o Remove various obsolete configuration options o A lot of other bug fixes, performance improvements and clean ups- Remove ipsec-tools-linux-3.7-compat.diff which caused bnc#867055 by including wrong headers; fix by installing linux-glibc-devel and including /usr/include for kernel headers
* Thu Sep 19 2013 crrodriguezAATTopensuse.org- remove unused racoon.init from the package, it was already removed from the spec file in the previous change.
* Thu Sep 19 2013 crrodriguezAATTopensuse.org- Add systemd support, systemctl enable racoon.service also enables helper optional service racoon-setkey- /etc/sysconfig/racoon was never created, fix that.
* Thu Jan 31 2013 mlinAATTsuse.com- Add ipsec-tools-linux-3.7-compat.diff(partly from openwrt)
* since pfkeyv2.h moved to include/uapi/linux as http://lwn.net/Articles/507794/ explained, make the compiler found header in valid path. there is a discussion about this issue at https://dev.openwrt.org/ticket/12813
* Wed Oct 31 2012 mvyskocilAATTsuse.com- unify the permissions of psk.txt to avoid false duplicate warnings from fdupes (bnc#784670)
* Tue Jan 31 2012 meissnerAATTsuse.de- remove suse_update_config macro usage
* Sat Oct 15 2011 cooloAATTsuse.com- add libtool as buildrequire to make the spec file more reliable
* Sun Sep 04 2011 mkubecekAATTsuse.cz- create /var/run/racoon in the init script rather than including it in the package as it doesn\'t work if /var/run is on tmpfs (bnc#710277)
* Sun May 15 2011 chrisAATTcomputersalat.de- remove Author from description- add racoon.psk patch
* Wed May 04 2011 idoenmezAATTnovell.com- Add ipsec-tools-0.7.3-linkerflag.patch: remove wrong linker flag- Add ipsec-tools-0.7.2-nodevel.patch: don\'t install development files, instead of manually removing them in the spec file.- Drop no_werror.patch: Remove Werror flag by sed, its all over the configure file, old patch was incomplete anyway.
* Tue Nov 03 2009 cooloAATTnovell.com- updated patches to apply with fuzz=0
* Tue Oct 06 2009 chrisAATTcomputersalat.de- cleanup spec o sorted sections o simplify clean o sort install section o sort files section- added missing /etc/racoon/cert DIR
* Fri Sep 18 2009 chrisAATTcomputersalat.de- cleanup spec o sorted TAGS o added configure macro- rpmlint o added fdupes- fix selinux build o if suse_version >= 1100
* Thu Jun 11 2009 jbohacAATTsuse.cz- upgrade to 0.7.3- integrated security patch- enabled selinux support (--enable-security-context=yes)
* Thu Jun 11 2009 jbohacAATTsuse.cz- fix_sockaddr_overflow_in_ipsec_doi.c.diff (bnc#506710)
* Wed May 06 2009 jbohacAATTsuse.cz- Upgrade to 0.7.2- fixed some rpmlint warnings/errors- racoon.conf_macros.patch updates the .in file, not the result- added /etc/pam.d/racoon- added --with-libldap
* Tue Sep 23 2008 jbohacAATTsuse.cz- fixed a memory leak in PH1 (bnc#416906, CVE-2008-3652)
* Thu Aug 14 2008 jbohacAATTsuse.cz- Upgrade to 0.7.1 o Fixes a memory leak when invalid proposal received o Some fixes in DPD o do not set default gss id if xauth is used o fixed hybrid enabled builds o fixed compilation on FreeBSD8 o cleanup in network port value manipulation o gets ports from SADB_X_EXT_NAT_T_[SD]PORT if present in purge_ipsec_spi() o Generates a log if cert validation has been disabled by configuration o better handling for pfkey socket read errors o Fixes in yacc / bison stuff o new plog() macro (reduced CPU usage when logging is disabled) o Try to works better with huge SPD/SAD o Corrected modecfg option syntax o Many other various fixes...
* Wed Nov 07 2007 jbohacAATTsuse.cz- Upgrade to 0.7
* Thu Apr 12 2007 jbohacAATTjikos.cz- Fix a DoS in isakmp_info_recv (CVE-2007-1841, 260791)
* Thu Mar 29 2007 ajAATTsuse.de- Add flex and bison to BuildRequires.
* Thu May 04 2006 jbohacAATTsuse.cz- fixed a segfault in GSSAPI initialization (#172196)
* Thu May 04 2006 jbohacAATTsuse.cz- the /var/run/racoon directory was missing from the package which prevented racoon from starting (#170552) - fixed- fixed unexpanded macros in racoon.conf (#170552)
* Tue Mar 21 2006 jbohacAATTsuse.cz- upgrade to 0.6.5 (bugfix release) - Fixed zombie PH1 handler when isakmp_send() fails in isakmp_ph1resend() - Temporary fix for /32 subnets parsing. - make software behave as the documentation advertise for INTERNAL_NETMASK4. Keep the old INTERNAL_MASK4 to avoid breaking backward compatibility. - Fixed / cleaned up signal handling.- added --with-libpam and --enable-adminport (#159647)
* Wed Jan 25 2006 mlsAATTsuse.de- converted neededforbuild to BuildRequires
* Tue Dec 13 2005 jbohacAATTsuse.cz- fixed build
* Tue Dec 13 2005 jbohacAATTsuse.cz- upgrade to 0.6.4- added krb5 support ( --enable-gssapi)- added statistics logging support ( --enable-stats)
* Wed Nov 23 2005 jbohacAATTsuse.cz- upgrade to 0.6.3 - fixes #134834 and an openssl incompatibility issue
* Tue Nov 08 2005 jbohacAATTsuse.cz- fixed build for s390
* Thu Oct 20 2005 jbohacAATTsuse.cz- upgraded to version 0.6.2- enabled NAT-T- fixed build with current openssl
* Wed Aug 31 2005 jbohacAATTsuse.cz- fixed permissions for /etc/racoon/psk.txt (bug #114383)
* Tue Aug 23 2005 jbohacAATTsuse.cz- upgrade to version 0.6.1
* Wed Aug 03 2005 jbohacAATTsuse.cz- fixed build on beta (disabled -Werror again)
* Tue Aug 02 2005 cthielAATTsuse.de- fixed build
* Tue Aug 02 2005 jbohacAATTsuse.cz- upgrade to version 0.6
* Thu May 05 2005 jbohacAATTsuse.cz- upgrade to version 0.5.2- disabled -Werror, because bison-generated code would not compile
* Wed Apr 13 2005 jbohacAATTsuse.cz- upgrade to version 0.5.1- fixed compilation warning/errors regarding char/int signedness
* Wed Apr 13 2005 jbohacAATTsuse.cz- upgrade to version 0.5.1- fixed compilation warning/errors regarding char/int signedness
* Wed Mar 16 2005 jbohacAATTsuse.czThe patch in the previous release was not applied correctly; fixed.
* Tue Mar 15 2005 jbohacAATTsuse.cz- security fix - insecure header parsing (Bug ID: 64726)
* Sat Feb 19 2005 lmuelleAATTsuse.de- Update to version 0.5.
* Wed Jan 05 2005 jbohacAATTsuse.cz- update to ipsec-tools-0.5-rc1
* Thu Nov 18 2004 mludvigAATTsuse.cz- Update to version 0.4
* Mon Sep 13 2004 roAATTsuse.de- undef __P first to make it build
* Tue Aug 10 2004 mludvigAATTsuse.cz- Update to 0.4rc1
* Tue Jun 15 2004 mludvigAATTsuse.cz- Update to 0.3.3 to fix a X.509 cert verification security bug. (http://marc.theaimsgroup.com/?l=bugtraq&m=108726102304507&w=2)
* Mon May 17 2004 mludvigAATTsuse.cz- Fixed comment in racoon.conf (#40576)
* Wed Apr 21 2004 mludvigAATTsuse.cz- Update to 0.3.1 to fix CAN-2004-0403
* Thu Apr 15 2004 mludvigAATTsuse.cz- Update to final 0.3. We had all patches in the package anyway...
* Thu Apr 08 2004 mludvigAATTsuse.cz- Fixed setkey to support multiline commands in interactive mode.- Added \'exit\' command to setkey. The two changes fix TAHI/ipsec tests.- Emit messages about Keep-Alive packets with DEBUG severity instead of INFO. With INFO it only polutes syslog every 20s.
* Mon Apr 05 2004 mludvigAATTsuse.cz- Fixed X.509 security bug (#38373)
* Thu Apr 01 2004 mludvigAATTsuse.cz- Report received SADB_X_NAT_T_NEW_MAPPING message.- Avoid segfault with unknown PF_KEY messages.- Move encmode update out of the loop. NAT-T now works even with more than one proposal.
* Tue Mar 30 2004 mludvigAATTsuse.cz- Rewritten the testsuite to avoid failures on 32b platforms.
* Fri Mar 26 2004 mludvigAATTsuse.cz- Handle input lines one by one in interactive mode (preventing premature exit on syntax error).
* Thu Mar 25 2004 mludvigAATTsuse.cz- Update to 0.3rc4: - Fixed adding \"null\" encryption via \'setkey\'. - Fixed segfault when using AES in Phase1 with OpenSSL>=0.9.7 - Fixed NAT-T in aggresive mode. - Fixed testsuite and added testsuite run into make check.
* Tue Mar 23 2004 mludvigAATTsuse.cz- Fix segfault with AES.- Enable testsuite.
* Mon Mar 22 2004 mludvigAATTsuse.cz- Fix \"null\" encryption setup in setkey.
* Fri Mar 19 2004 mludvigAATTsuse.cz- Fix duplicate ipsec service (#36575)- Update to 0.3rc3
* Thu Mar 11 2004 mludvigAATTsuse.cz- Update to 0.3rc2
* Mon Mar 08 2004 mludvigAATTsuse.cz- Add sysconfig and init.d files.
* Fri Mar 05 2004 mludvigAATTsuse.cz- Include samples config files in the RPM.
* Thu Mar 04 2004 mludvigAATTsuse.cz- update to 0.3rc1
* Tue Feb 03 2004 mludvigAATTsuse.cz- Update to 0.2.4
* Mon Jan 26 2004 roAATTsuse.de- updated neededforbuild \"kernel-source-26\" -> \"kernel-source\"
* Thu Jan 15 2004 mludvigAATTsuse.cz- update to ipsec-tools-0.2.3
* Sat Jan 10 2004 adrianAATTsuse.de- remove obsolete %run_ldconfig
* Tue Dec 23 2003 mludvigAATTsuse.cz- Recognize IPSEC_DIR_FWD when dumping SPD.
* Fri Dec 19 2003 mludvigAATTsuse.cz- Added many fixes gathered from the mailing list.- Added support for specifying SA lifebytes.
* Wed Dec 17 2003 garloffAATTsuse.de- Package ipsec-tools 0.2.2.
  
ICM