rpms/libreswan
7
0
Fork 0
Code Issues Pull Requests Releases Activity
158 Commits 10 Branches 47 Tags 614 KiB
06e2649dd4
Commit Graph

50 Commits

Author SHA1 Message Date
Paul Wouters
32be2a6df3 - Update libreswan to 4.15 for CVE-2024-3652 
- Resolves rhbz#2274448 CVE-2024-3652 libreswan: IKEv1 default AH/ESP
  responder can crash and restart
- Allow "ipsec import" to try importing PKCS#12 non-interactively if
  there is no password

Resolves: RHEL-32481
 2024-06-28 06:41:02 +09:00
Paul Wouters
38ded79037 - Update to 4.14 for CVE-2024-2357 
* Security, see https://libreswan.org/security/CVE-2024-2357
* x509: unpack IPv6 general names based on length
* pluto: TFC padding was not set for AEAD algorithms

* Include now fixed ipcheck
* Exclude hunkcheck broken on s390x
* Remove obsoleted patch capng patch

Related: RHEL-32481
 2024-06-28 06:40:57 +09:00
Paul Wouters
707d65c3e1 new sources for 4.13 
Related: RHEL-32481
 2024-06-28 06:40:40 +09:00
Paul Wouters
67117b266a
- Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712 
- Resolves: rhbz#2230225 libreswan-4.12 is available
 2023-08-11 11:43:31 -04:00
Paul Wouters
24737740dd
- Update to 4.11 for CVE-2023-30570 2023-05-04 10:44:38 -04:00
Paul Wouters
1de005450e
- Update to 4.10 for CVE-2023-23009 2023-02-28 21:29:21 -05:00
Paul Wouters
6b164e4601
- Update to 4.9 (maxbytes/maxpackets support, raw ECDSA support, misc fixes) 2022-10-13 20:23:35 -04:00
Paul Wouters
fe733530df
- Updated to 4.7 (EAPTLS support, bugfixes) 2022-05-24 18:11:40 -04:00
Paul Wouters
a47e3c9245
- Resolves: CVE-2022-23094 
- Resolves: rhbz#2039604 libreswan-4.6 is available
- Add gpg key and signature check for build
- Temporarilly disable USE_DNSSEC in rawhide while we figure out openssl vs nss include clash
 2022-01-11 22:43:31 -05:00
Paul Wouters
6b9dd6c883
- Resolves rhbz#1996250 libreswan-4.5 is available 2021-08-26 12:10:55 +03:00
Paul Wouters
73f45e85a5
- Resolves: rhbz#1952602 libreswan-4.4 is available 2021-05-12 17:00:47 -04:00
Paul Wouters
59cde94ccc - update to 4.3 (minor bugfix release) 2021-02-21 12:09:31 -05:00
Paul Wouters
fdf40a922f - Updated to 4.2 2021-02-02 20:53:35 -05:00
Paul Wouters
7f24ffd5dc - Resolves: rhbz#1867580 pluto process frequently dumps core 
(disable USE_NSS_KDF until nss fixes have propagated)
 2020-12-19 20:01:58 -05:00
Adam Williamson
efc202e0cd Revert to 4.1-3 state to rebuild for ldns soname bump 2020-12-19 09:23:16 -08:00
Paul Wouters
3fdf599ac8 - Update to 4.2rc1 and disable USE_NSS_KDF for testing 2020-12-17 13:47:19 -05:00
Paul Wouters
bd85a3990f * Sun Oct 18 21:49:39 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.1-1 
- Updated to 4.1 - interop fix for Cisco
 2020-10-18 21:52:15 -04:00
Paul Wouters
7df3defc11 - Resolves: rhbz#1888448 libreswan-4.0 is available 2020-10-15 11:22:47 -04:00
Paul Wouters
9aec852f63 - Updated to 4.0rc1 2020-09-27 22:54:09 -04:00
Paul Wouters
d739ec1a68 - Resolves: rhbz#1809770 libreswan-3.32 is available 2020-05-12 21:39:39 -04:00
Paul Wouters
dc505d2990 - Resolves: rhbz#1809770 libreswan-3.31 is available (fixes rekey regression) 2020-03-03 17:41:39 -05:00
Paul Wouters
ad417c20ed * Fri Feb 14 2020 Paul Wouters <pwouters@redhat.com> - 3.30-1 
- Resolves: rhbz#1802896 libreswan-3.30 is available
- Resolves: rhbz#1799598 libreswan: FTBFS in Fedora rawhide/f32
- Resolves: rhbz#1760571 [abrt] libreswan: configsetupcheck(): verify:366:configsetupcheck:TypeError:
 2020-02-14 12:55:33 -05:00
Paul Wouters
469d62558d - Updated to 3.29 for CVE-2019-10155 2019-06-10 13:30:30 -04:00
Paul Wouters
c07eab6c62 - Updated to 3.28 (many imported bugfixes) 2019-05-21 00:07:35 -04:00
Paul Wouters
2fee39a446 - Updated to 3.27 (various bugfixes) 2018-10-08 18:28:06 -04:00
Paul Wouters
4c016b1d7b - Updated to 3.26 (CHACHA20POLY1305, ECDSA and RSA-PSS support) 2018-09-16 23:05:16 -04:00
Paul Wouters
6ce6d0ad52 * Wed Jun 27 2018 Paul Wouters <pwouters@redhat.com> - 3.25-1 
- Updated to 3.25
 2018-06-27 14:11:32 -04:00
Paul Wouters
dbe0b884d9 * Thu Jan 25 2018 Paul Wouters <pwouters@redhat.com> - 3.23-1 
- Updated to 3.23 - support for MOBIKE, PPK, CMAC, nic offload and performance improvements
 2018-01-25 15:43:12 -05:00
Paul Wouters
7f8fe26d5b - Updated to 3.22 - many bugfixes, and unbound ipsecmod support 2017-10-22 22:02:33 -04:00
Paul Wouters
19d822c715 - Updated to 3.21 2017-08-09 22:53:01 -04:00
Paul Wouters
db44bf6a0f update sources 2017-03-14 12:17:33 -04:00
Paul Wouters
5347f3bc83 - Update to 3.20dr4 to test mozbz#1336487 export CERT_CompareAVA 2017-03-03 11:55:08 -05:00
Paul Wouters
c23e85ab6c - Updated to 3.19 (see download.libreswan.org/CHANGES) 2017-01-15 16:09:10 -05:00
Paul Wouters
2c5d647713 - Updated to 3.18 for CVE-2016-5391 rhbz#1361164 2016-07-29 11:18:17 +02:00
Paul Wouters
445105a5e7 * Mon Apr 04 2016 Paul Wouters <pwouters@redhat.com> - 3.17-1 
- Updated to 3.17 for CVE-2016-3071
- Disable LIBCAP_NG as it prevents unbound-control from working properly
 2016-04-04 17:10:27 -05:00
Paul Wouters
e77c1e6ac5 - Updated to 3.16 (see https://download.libreswan.org/CHANGES) 2015-12-18 15:36:05 -05:00
Paul Wouters
43d43de158 * Tue Aug 11 2015 Paul Wouters <pwouters@redhat.com> - 3.15-1 
- Updated to 3.15 (see http://download.libreswan.org/CHANGES)
- Resolves: rhbz#CVE-2015-3240 IKE daemon restart when receiving a bad DH gx
- NSS database creation moved from spec file to service file
- Run CAVS tests on package build
- Added BuildRequire systemd-units and xmlto
- Bumped minimum required nss to 3.16.1
- Install tmpfiles
- Install sysctl file
- Update doc files to include
 2015-08-24 23:23:01 -04:00
Paul Wouters
bc7d953678 - Updated to 3.13 for CVE-2015-3204 2015-06-01 12:48:33 -04:00
Paul Wouters
1a3c473e5f - Updated to 3.12 Various IKEv2 fixes 2014-11-06 23:46:08 -05:00
Paul Wouters
38a33f1f69 - Updated to 3.11 (many fixes, including startup fixes) 2014-10-22 16:14:24 -04:00
Paul Wouters
97335a7d8c * Mon Sep 01 2014 Paul Wouters <pwouters@redhat.com> - 3.10-1 
- Updated to 3.10, major bugfix release, new xauth status options
 2014-09-01 18:01:11 -04:00
Paul Wouters
2f0670d0ac * Thu Jul 10 2014 Paul Wouters <pwouters@redhat.com> - 3.9-1 
- Updated to 3.9. IKEv2 enhancements, ESP/IKE algo enhancements
- Mark libreswan-fips.conf as config file
 2014-07-10 11:12:45 -04:00
Paul Wouters
68fd6c5ce3 * Sat Jan 18 2014 Paul Wouters <pwouters@redhat.com> - 3.8-1 
- Updated to 3.8, fixes rhbz#CVE-2013-6467 (rhbz#1054102)
 2014-01-17 17:46:01 -08:00
Paul Wouters
fe276015a8 updated to 3.7 2013-12-10 20:30:56 -05:00
Paul Wouters
923dd884a3 * Thu Oct 31 2013 Paul Wouters <pwouters@redhat.com> - 3.6-1 
- Updated to 3.6 (IKEv2, MODECFG, Cisco interop fixes)
- Generate empty NSS db if none exists
 2013-10-30 23:17:42 -04:00
Paul Wouters
d3a863c1aa * Sat Jul 13 2013 Paul Wouters <pwouters@redhat.com> - 3.5-1 
- Updated to 3.5
 2013-07-13 16:24:07 -04:00
Paul Wouters
ee5df2e0f4 * Thu Jun 06 2013 Paul Wouters <pwouters@redhat.com> - 3.4-1 
- Updated to 3.4, which only contains style changes to kernel coding style
- IN MEMORIAM: June 3rd, 2013 Hugh Daniel
 2013-06-06 05:10:06 -04:00
Paul Wouters
7f95d077e2 * Mon May 13 2013 Paul Wouters <pwouters@redhat.com> - 3.3-1 
- Updated to 3.3, which resolves CVE-2013-2052
 2013-05-13 14:34:29 -04:00
Paul Wouters
5f79f634af * Sat Apr 13 2013 Paul Wouters <pwouters@redhat.com> - 3.2-1 
- Initial package for Fedora
 2013-04-13 16:58:36 -04:00
Fedora Release Engineering
a8426a7ea9 Initial setup of the repo 2013-04-11 11:32:53 +00:00