rpms/libreswan
7
0
Fork 0
Code Issues Pull Requests Releases Activity
160 Commits 10 Branches 47 Tags 614 KiB
c10s
Commit Graph

63 Commits

Author SHA1 Message Date
Paul Wouters
32be2a6df3 - Update libreswan to 4.15 for CVE-2024-3652 
- Resolves rhbz#2274448 CVE-2024-3652 libreswan: IKEv1 default AH/ESP
  responder can crash and restart
- Allow "ipsec import" to try importing PKCS#12 non-interactively if
  there is no password

Resolves: RHEL-32481
 2024-06-28 06:41:02 +09:00
Paul Wouters
38ded79037 - Update to 4.14 for CVE-2024-2357 
* Security, see https://libreswan.org/security/CVE-2024-2357
* x509: unpack IPv6 general names based on length
* pluto: TFC padding was not set for AEAD algorithms

* Include now fixed ipcheck
* Exclude hunkcheck broken on s390x
* Remove obsoleted patch capng patch

Related: RHEL-32481
 2024-06-28 06:40:57 +09:00
Paul Wouters
707d65c3e1 new sources for 4.13 
Related: RHEL-32481
 2024-06-28 06:40:40 +09:00
Paul Wouters
67117b266a
- Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712 
- Resolves: rhbz#2230225 libreswan-4.12 is available
 2023-08-11 11:43:31 -04:00
Paul Wouters
24737740dd
- Update to 4.11 for CVE-2023-30570 2023-05-04 10:44:38 -04:00
Paul Wouters
75627dbc99
add missing ikev2 vectors to sources 2023-02-28 21:37:54 -05:00
Paul Wouters
1de005450e
- Update to 4.10 for CVE-2023-23009 2023-02-28 21:29:21 -05:00
Paul Wouters
3ee4c1aee5
re-add the ike test vectors to sources 2022-10-13 20:30:28 -04:00
Paul Wouters
6b164e4601
- Update to 4.9 (maxbytes/maxpackets support, raw ECDSA support, misc fixes) 2022-10-13 20:23:35 -04:00
Paul Wouters
4aab45b406
re-add LIBRESWAN-GPG-KEY.txt 2022-05-24 18:29:53 -04:00
Paul Wouters
fe733530df
- Updated to 4.7 (EAPTLS support, bugfixes) 2022-05-24 18:11:40 -04:00
Paul Wouters
a47e3c9245
- Resolves: CVE-2022-23094 
- Resolves: rhbz#2039604 libreswan-4.6 is available
- Add gpg key and signature check for build
- Temporarilly disable USE_DNSSEC in rawhide while we figure out openssl vs nss include clash
 2022-01-11 22:43:31 -05:00
Paul Wouters
30bf23be45
update sources 2021-08-26 13:31:47 +03:00
Paul Wouters
6b9dd6c883
- Resolves rhbz#1996250 libreswan-4.5 is available 2021-08-26 12:10:55 +03:00
Paul Wouters
73f45e85a5
- Resolves: rhbz#1952602 libreswan-4.4 is available 2021-05-12 17:00:47 -04:00
Paul Wouters
59cde94ccc - update to 4.3 (minor bugfix release) 2021-02-21 12:09:31 -05:00
Paul Wouters
fdf40a922f - Updated to 4.2 2021-02-02 20:53:35 -05:00
Paul Wouters
7f24ffd5dc - Resolves: rhbz#1867580 pluto process frequently dumps core 
(disable USE_NSS_KDF until nss fixes have propagated)
 2020-12-19 20:01:58 -05:00
Adam Williamson
efc202e0cd Revert to 4.1-3 state to rebuild for ldns soname bump 2020-12-19 09:23:16 -08:00
Paul Wouters
644402b247 re-add test vectors to sources file :/ 2020-12-17 13:52:08 -05:00
Paul Wouters
3fdf599ac8 - Update to 4.2rc1 and disable USE_NSS_KDF for testing 2020-12-17 13:47:19 -05:00
Paul Wouters
5a7f55a6d5 update sources for test vectors 2020-10-19 21:54:00 -04:00
Paul Wouters
bd85a3990f * Sun Oct 18 21:49:39 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.1-1 
- Updated to 4.1 - interop fix for Cisco
 2020-10-18 21:52:15 -04:00
Paul Wouters
7df3defc11 - Resolves: rhbz#1888448 libreswan-4.0 is available 2020-10-15 11:22:47 -04:00
Paul Wouters
ebfd02de18 update sources 2020-09-28 01:31:02 -04:00
Paul Wouters
9aec852f63 - Updated to 4.0rc1 2020-09-27 22:54:09 -04:00
Paul Wouters
d739ec1a68 - Resolves: rhbz#1809770 libreswan-3.32 is available 2020-05-12 21:39:39 -04:00
Paul Wouters
dc505d2990 - Resolves: rhbz#1809770 libreswan-3.31 is available (fixes rekey regression) 2020-03-03 17:41:39 -05:00
Paul Wouters
ad417c20ed * Fri Feb 14 2020 Paul Wouters <pwouters@redhat.com> - 3.30-1 
- Resolves: rhbz#1802896 libreswan-3.30 is available
- Resolves: rhbz#1799598 libreswan: FTBFS in Fedora rawhide/f32
- Resolves: rhbz#1760571 [abrt] libreswan: configsetupcheck(): verify:366:configsetupcheck:TypeError:
 2020-02-14 12:55:33 -05:00
Paul Wouters
469d62558d - Updated to 3.29 for CVE-2019-10155 2019-06-10 13:30:30 -04:00
Paul Wouters
c07eab6c62 - Updated to 3.28 (many imported bugfixes) 2019-05-21 00:07:35 -04:00
Paul Wouters
2fee39a446 - Updated to 3.27 (various bugfixes) 2018-10-08 18:28:06 -04:00
Paul Wouters
180a2f9073 added libreswan-3.26-asn1-zu.patch 2018-09-17 00:41:30 -04:00
Paul Wouters
77c1beb14f re-add test vectors to sources list :/ 2018-09-17 00:11:40 -04:00
Paul Wouters
4c016b1d7b - Updated to 3.26 (CHACHA20POLY1305, ECDSA and RSA-PSS support) 2018-09-16 23:05:16 -04:00
Paul Wouters
6ce6d0ad52 * Wed Jun 27 2018 Paul Wouters <pwouters@redhat.com> - 3.25-1 
- Updated to 3.25
 2018-06-27 14:11:32 -04:00
Paul Wouters
dbe0b884d9 * Thu Jan 25 2018 Paul Wouters <pwouters@redhat.com> - 3.23-1 
- Updated to 3.23 - support for MOBIKE, PPK, CMAC, nic offload and performance improvements
 2018-01-25 15:43:12 -05:00
Paul Wouters
5b383a4f50 fixup sources 2017-10-23 10:12:22 -04:00
Paul Wouters
7f8fe26d5b - Updated to 3.22 - many bugfixes, and unbound ipsecmod support 2017-10-22 22:02:33 -04:00
Paul Wouters
19d822c715 - Updated to 3.21 2017-08-09 22:53:01 -04:00
Paul Wouters
db44bf6a0f update sources 2017-03-14 12:17:33 -04:00
Paul Wouters
da6c3245f8 put FIPS test vectors back in sources :P 2017-03-03 11:57:35 -05:00
Paul Wouters
5347f3bc83 - Update to 3.20dr4 to test mozbz#1336487 export CERT_CompareAVA 2017-03-03 11:55:08 -05:00
Paul Wouters
c23e85ab6c - Updated to 3.19 (see download.libreswan.org/CHANGES) 2017-01-15 16:09:10 -05:00
Paul Wouters
2c5d647713 - Updated to 3.18 for CVE-2016-5391 rhbz#1361164 2016-07-29 11:18:17 +02:00
Paul Wouters
2a4c4eb32a remove empty line :P 2016-04-04 17:23:54 -05:00
Paul Wouters
a2a99a9946 put back the IKE test vectors in sources 2016-04-04 17:17:45 -05:00
Paul Wouters
445105a5e7 * Mon Apr 04 2016 Paul Wouters <pwouters@redhat.com> - 3.17-1 
- Updated to 3.17 for CVE-2016-3071
- Disable LIBCAP_NG as it prevents unbound-control from working properly
 2016-04-04 17:10:27 -05:00
Paul Wouters
e77c1e6ac5 - Updated to 3.16 (see https://download.libreswan.org/CHANGES) 2015-12-18 15:36:05 -05:00
Paul Wouters
43d43de158 * Tue Aug 11 2015 Paul Wouters <pwouters@redhat.com> - 3.15-1 
- Updated to 3.15 (see http://download.libreswan.org/CHANGES)
- Resolves: rhbz#CVE-2015-3240 IKE daemon restart when receiving a bad DH gx
- NSS database creation moved from spec file to service file
- Run CAVS tests on package build
- Added BuildRequire systemd-units and xmlto
- Bumped minimum required nss to 3.16.1
- Install tmpfiles
- Install sysctl file
- Update doc files to include
 2015-08-24 23:23:01 -04:00