Marius Tomaschewski
2fa10a3109
- Fixed a security vulnerability in the openssl plugin which was reported by Kevin Wojtysiak. The vulnerability has been registered as CVE-2013-2944. Before the fix, if the openssl plugin's ECDSA signature verification was used, due to a misinterpretation of the error code returned by the OpenSSL ECDSA_verify() function, an empty or zeroed signature was accepted as a legitimate one. Refer to our blog for details. - The handling of a couple of other non-security relevant OpenSSL return codes was fixed as well. - The tnc_ifmap plugin now publishes virtual IPv4 and IPv6 addresses via its TCG TNC IF-MAP 2.1 interface. - The charon.initiator_only strongswan.conf option causes charon to ignore IKE initiation requests. - The openssl plugin can now use the openssl-fips library. The version 5.0.3 provides new ipseckey plugin, enabling authentication based on trustworthy public keys stored as IPSECKEY resource records in the DNS and protected by DNSSEC and new openssl plugin using the AES-NI accelerated version of AES-GCM if the hardware supports it. See http://wiki.strongswan.org/projects/strongswan/wiki/Changelog50 for a list of all changes since the 5.0.1 release. OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=58
15 lines
665 B
Standard ML
15 lines
665 B
Standard ML
-----BEGIN PGP SIGNATURE-----
|
|
Version: GnuPG v1.4.11 (GNU/Linux)
|
|
|
|
iQGcBAABAgAGBQJRflW/AAoJEN9CwXCzTbp3q+oL/jtA73UxuENW3JuA2vgXsHeU
|
|
jpWXDfM1GLEIKgy41D2+ajqx7l1amxM4ZOqtQZhFTMXs4EwWDIxpUl8RiARkwJy6
|
|
ueciwMnsmAbC3tmPa85JwnbgrXrMZX5IfUYRx8+3DdeIuh8gxDOu2nvYGqSdIbh2
|
|
8jN4x21wUQ+9mLz04VmuMKAmImoAitv8z89NVg6ZNiBEiYUfFdrkCepS7IGAY1ie
|
|
pmmYM4svK7LLuXIlQKMyq7mXccjFD0sjM3SS6cIZlxIcOlXuKMa7xmVlkfktz816
|
|
qz8XVOtD2zRiJuxjB92W9BW5Xr/+p5kXx995GjGitxv8g3CTTlPeg4GUciH6TGSW
|
|
46lQ36XHKQX/NccgymWYMkXmZbMbacyglz3ShR0OO/aM1/cVlQ9qiHccZDh7gt9+
|
|
fnfTAZn0RAfbe1zYKNn1h2BoY+LxscjnaX27oWxqI7KbrfrusZiyZic5twSeADcM
|
|
khfIOGVyOCjwTThAuGpu6p09NqoYNm6Y/9Aj+R5NiA==
|
|
=gI6I
|
|
-----END PGP SIGNATURE-----
|