[SECURITY] Fedora 21 Update: strongswan-5.3.2-1.fc21

updates at fedoraproject.org updates at fedoraproject.org
Wed Aug 19 08:21:24 UTC 2015 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-5247
2015-04-01 21:10:56
--------------------------------------------------------------------------------

Name        : strongswan
Product     : Fedora 21
Version     : 5.3.2
Release     : 1.fc21
URL         : http://www.strongswan.org/
Summary     : An OpenSource IPsec-based VPN and TNC solution
Description :
The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key
exchange protocols in conjunction with the native NETKEY IPsec stack of the
Linux kernel.

--------------------------------------------------------------------------------
Update Information:

New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  9 2015 Pavel Šimerda <psimerda at redhat.com>
- new version 5.3.2
* Fri Jun  5 2015 Pavel Šimerda <psimerda at redhat.com>
- new version 5.3.1
* Tue Mar 31 2015 Pavel Šimerda <psimerda at redhat.com>
- new version 5.3.0
* Fri Feb 20 2015 Avesh Agarwal <avagarwa at redhat.com> - 5.2.2-2
- Fixes strongswan swanctl service issue rhbz#1193106
* Tue Jan  6 2015 Pavel Šimerda <psimerda at redhat.com> - 5.2.2-1
- new version 5.2.2
* Thu Dec 18 2014 Avesh Agarwal <avagarwa at redhat.com> - 5.2.2-0.2.dr1
- Enabled ccm, and ctr plugins as it seems enabling just openssl does
  not work for using ccm and ctr algos.
* Mon Dec  8 2014 Avesh Agarwal <avagarwa at redhat.com> - 5.2.2-0.1.dr1
- New strongswan developer release 5.2.2dr1
* Mon Nov 24 2014 Avesh Agarwal <avagarwa at redhat.com> - 5.2.1-2
- 1167331: Enabled native systemd support.
- Does not disable old systemd, starter, ipsec.conf support yet.
* Thu Oct 30 2014 Avesh Agarwal <avagarwa at redhat.com> - 5.2.1-1
- New upstream release 5.2.1
* Thu Oct 16 2014 Avesh Agarwal <avagarwa at redhat.com> - 5.2.1-0.2.rc1
- New upstream release candidate 5.2.1rc1
* Fri Oct 10 2014 Pavel Šimerda <psimerda at redhat.com> - 5.2.1-1
- new version 5.2.1dr1
* Thu Sep 25 2014 Pavel Šimerda <psimerda at redhat.com> - 5.2.0-7
- use upstream patch for json/json-c dependency
* Thu Sep 25 2014 Pavel Šimerda <psimerda at redhat.com> - 5.2.0-6
- Resolves: #1146145 - Strongswan is compiled without xauth-noauth plugin
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1228819 - CVE-2015-3991 strongswan: incorrect payload processing for different IKE versions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1228819
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update strongswan' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list