Hi,
Now I'm using ipsec-tools-0.2.5-1.i386.rpm in my Fedora Core 2 ( with kernel 2.6.5 ). Today, I saw in IPsec Tools Homepage (http://ipsec-tools.sourceforge.net/), there is a statement which says:
IMPORTANT: Users of IPsec-tools are strongly recommended to upgrade to a version released on or after 2004-04-05. Older versions contain a security problem that bites connections authorized with X.509 certificates
Then, Does the ipsec-tools-0.2.5-1.i386.rpm in FC2 also has such a security problem? (i.e. has some security fixs been added into the ipsec-tools-0.2.5-1.i386.rpm, and can we use the rpm package with no such a danger? )
And, if I use ipsec-tools-0.3.3-1.i386.rpm instead of ipsec-tools-0.2.5-1.i386.rpm while do not change any other components in my FC2(including FC2 itself), will the update cause any conflict or compatible issue to my FC2 box? (i.e. Can I use ipsec-tools-0.3.3-1.i386.rpm in my FC2 box safely? )
Thanks a lot.
-- Best Regards, Park Lee parklee_sel@yahoo.com
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
On Sat, Oct 30, 2004 at 06:15:34AM -0700, Park Lee wrote:
Now I'm using ipsec-tools-0.2.5-1.i386.rpm in my Fedora Core 2 ( with kernel 2.6.5 ). Today, I saw in IPsec Tools Homepage (http://ipsec-tools.sourceforge.net/), there is a statement which says:
IMPORTANT: Users of IPsec-tools are strongly recommended to upgrade to a version released on or after 2004-04-05. Older versions contain a security problem that bites connections authorized with X.509 certificates
Then, Does the ipsec-tools-0.2.5-1.i386.rpm in FC2 also has such a security problem? (i.e. has some security fixs been added into the ipsec-tools-0.2.5-1.i386.rpm, and can we use the rpm package with no such a danger? )
The 0.2.5-1 package does have this problem. The 0.2.5-2 package was released as an update to incorporate a fix, and 0.2.5-4 some time after that to correct a different problem.
I strongly suggest that you subscribe to the fedora-announce-list mailing list [1], so that you'll receive notifications of future updates, and use either up2date or yum to install updates which have been released which you may have not installed.
HTH,
Nalin
[1] http://www.redhat.com/mailman/listinfo/fedora-announce-list