Fedora 19 Update: libreswan-3.10-3.fc19

updates at fedoraproject.org updates at fedoraproject.org
Fri Sep 19 10:16:08 UTC 2014 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-10560
2014-09-10 12:26:23
--------------------------------------------------------------------------------

Name        : libreswan
Product     : Fedora 19
Version     : 3.10
Release     : 3.fc19
URL         : https://www.libreswan.org/
Summary     : IPsec implementation with IKEv1 and IKEv2 keying protocols
Description :
Libreswan is a free implementation of IPsec & IKE for Linux.  IPsec is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services.  These services allow you
to build secure tunnels through untrusted networks.  Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel.  The resulting
tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
Libreswan. To build KLIPS, see the kmod-libreswan.spec file.

Libreswan also supports IKEv2 (RFC4309) and Secure Labeling

Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04

--------------------------------------------------------------------------------
Update Information:

Fix some coverity issues, auto=route on bootup and snprintf on 32bit machines
Updated to 3.9. IKEv2 enhancements, ESP/IKE algo enhancements
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep  9 2014 Paul Wouters <pwouters at redhat.com> - 3.10-3
- Fix some coverity issues, auto=route on bootup and snprintf on 32bit machines
* Mon Sep  1 2014 Paul Wouters <pwouters at redhat.com> - 3.10-1
- Updated to 3.10, major bugfix release, new xauth status options
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.9-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Jul 10 2014 Paul Wouters <pwouters at redhat.com> - 3.9-1
- Updated to 3.9. IKEv2 enhancements, ESP/IKE algo enhancements
- Mark libreswan-fips.conf as config file
- attr modifier for man pages no longer needed
- BUGS file no longer exists upstream
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.8-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Jan 18 2014 Paul Wouters <pwouters at redhat.com> - 3.8-1
- Updated to 3.8, fixes rhbz#CVE-2013-6467 (rhbz#1054102)
* Wed Dec 11 2013 Paul Wouters <pwouters at redhat.com> - 3.7-1
- Updated to 3.7, fixes CVE-2013-4564
- Fixes creating a bogus NSS db on startup (rhbz#1005410)
* Sat Nov  2 2013 Paul Wouters <pwouters at redhat.com> - 3.6-1
- Updated to 3.6 (IKEv2, MODECFG, Cisco interop fixes)
- Generate empty NSS db if none exists
- FIPS update, prelink blacklist added.
* Mon Aug 19 2013 Paul Wouters <pwouters at redhat.com> - 3.5-2
- Add a Provides: for openswan-doc
- Added interop patch for (some?) Cisco VPN clients sending 16 zero
  bytes of extraneous IKE data
- Removed fipscheck_version
* Mon Jul 15 2013 Paul Wouters <pwouters at redhat.com> - 3.5-1
- Updated to 3.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1014818 - swan (ipsec) fails to start as it is prohibited to write to cert DB due to selinux
        https://bugzilla.redhat.com/show_bug.cgi?id=1014818
  [ 2 ] Bug #1016411 - SELinux is preventing /usr/libexec/ipsec/pluto from 'write' accesses on the file /etc/ipsec.d/cert8.db.
        https://bugzilla.redhat.com/show_bug.cgi?id=1016411
  [ 3 ] Bug #1005407 - [selinux] Denial when using the ipsec command
        https://bugzilla.redhat.com/show_bug.cgi?id=1005407
  [ 4 ] Bug #1012637 - won't start up due to incorrect selinux labels on /etc/ipsec.d/{cert8,key3}.db
        https://bugzilla.redhat.com/show_bug.cgi?id=1012637
  [ 5 ] Bug #1025914 - disabling crl/curl in Makefile.inc still requires you to have all curl dependencies
        https://bugzilla.redhat.com/show_bug.cgi?id=1025914
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update libreswan' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list