forked from pool/strongswan
This commit is contained in:
OBS User unknown
committed by
Git OBS Bridge
Git OBS Bridge
parent
380fc5b493
commit
704cfd98ac
@@ -1,3 +1,28 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 27 13:40:57 CEST 2009 - mt@suse.de
|
||||
|
||||
- Updated to strongSwan 4.3.3 release:
|
||||
* The configuration option --enable-integrity-test plus the
|
||||
strongswan.conf option libstrongswan.integrity_test = yes
|
||||
activate integrity tests of the IKE daemons charon and pluto,
|
||||
libstrongswan and all loaded plugins. Thus dynamic library
|
||||
misconfigurations and non-malicious file manipulations can be
|
||||
reliably detected.
|
||||
* The new default setting libstrongswan.ecp_x_coordinate_only=yes
|
||||
allows IKEv1 interoperability with MS Windows using the ECP DH
|
||||
groups 19 and 20.
|
||||
* The IKEv1 pluto daemon now supports the AES-CCM and AES-GCM ESP
|
||||
authenticated encryption algorithms.
|
||||
* The IKEv1 pluto daemon now supports V4 OpenPGP keys.
|
||||
* The RDN parser vulnerability discovered by Orange Labs research
|
||||
team was not completely fixed in version 4.3.2. Some more
|
||||
modifications had to be applied to the asn1_length() function to
|
||||
make it robust.
|
||||
- Enabled --enable-integrity-test configure option (new feature).
|
||||
- Removed patch to avoid plugin versions (accepted by upstream)
|
||||
and added patch to avoid version for new libchecksum library.
|
||||
- Added -Wno-pointer-sign -Wno-strict-aliasing CFLAGS in the spec.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 10 11:04:44 CEST 2009 - mt@suse.de
|
||||
|
||||
|
||||
Reference in New Issue
Block a user