- Update to release 5.9.5

OBS-URL: https://build.opensuse.org/package/show/network:vpn/strongswan?expand=0&rev=131
2022-01-26 12:33:44 +00:00
parent d2eb7d5564
commit 61572aaddb
6 changed files with 35 additions and 19 deletions
--- a/strongswan.changes
+++ b/strongswan.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Wed Jan 26 12:25:35 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 5.9.5
+  * Fixed a vulnerability in the EAP client implementation
+    (CVE-2021-45079).
+  * libtpmtss may now establish a secure session via RSA OAEP
+    public key encryption or an ephemeral ECDH key exchange,
+    respectively.
+  * When rekeying CHILD_SAs, the old outbound SA is now
+    uninstalled earlier on the initiator/winner.
+  * The openssl plugin now only announces the ECDH groups
+    actually supported by OpenSSL (determined via
+    EC_get_builtin_curves()).
+  * Added support for AES-CFB.
+
 -------------------------------------------------------------------
 Wed Nov 24 08:25:29 UTC 2021 - Johannes Segitz <jsegitz@suse.com>