strongswan
No description set
- Devel package for openSUSE:Factory
-
4
derived packages
- Developed at SCM
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout network:vpn/strongswan && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
|
0005-ikev1-Don-t-retransmit-Aggressive-Mode-respon |
0000001088 1.06 KB | |
| README.SUSE | 0000002342 2.29 KB | |
| fips-enforce.conf | 0000000742 742 Bytes | |
| fipscheck.sh.in | 0000001934 1.89 KB | |
| harden_strongswan.service.patch | 0000000794 794 Bytes | |
| strongswan-5.9.4.tar.bz2 | 0004651000 4.44 MB | |
| strongswan-5.9.4.tar.bz2.sig | 0000000659 659 Bytes | |
| strongswan-rpmlintrc | 0000000428 428 Bytes | |
| strongswan.changes | 0000109009 106 KB | |
| strongswan.init.in | 0000008747 8.54 KB | |
| strongswan.keyring | 0000003085 3.01 KB | |
| strongswan.spec | 0000040011 39.1 KB | |
| strongswan_fipscheck.patch | 0000001920 1.88 KB | |
| strongswan_ipsec_service.patch | 0000000446 446 Bytes |
Revision 130 (latest revision is 167)
Jan Engelhardt (jengelh)
accepted
request 949255
from
Marcus Meissner (msmeissn)
(revision 130)
This adds bug references to changes file that are in SLES 15 SP2,
to allow potential reintegration to SLES.
old: network:vpn/strongswan
new: home:msmeissn:branches:network:vpn/strongswan rev None
Index: strongswan.changes
===================================================================
--- strongswan.changes (revision 129)
+++ strongswan.changes (revision 2)
@@ -12,12 +12,12 @@
was caused by an integer overflow when processing RSASSA-PSS
signatures with very large salt lengths. This vulnerability has
been registered as CVE-2021-41990. Please refer to our blog for
- details.
+ details. (bsc#1191367)
* Fixed a denial-of-service vulnerability in the in-memory
certificate cache if certificates are replaced and a very large
random value caused an integer overflow. This vulnerability has
been registered as CVE-2021-41991. Please refer to our blog for
- details.
+ details. (bsc#1191435)
* Fixed a related flaw that caused the daemon to accept and cache
an infinite number of versions of a valid certificate by
modifying the parameters in the signatureAlgorithm field of the
@@ -46,7 +46,7 @@
- Update to version 5.9.3:
* Added AES-ECB, SHA-3 and SHAKE-256 support to the wolfssl
plugin.
- * Added AES-CCM support to the openssl plugin (#353).
+ * Added AES-CCM support to the openssl plugin (#353 bsc#1185363).
* The x509 and the openssl plugins now consider the
authorityKeyIdentifier, if available, before verifying
signatures, which avoids unnecessary signature verifications
@@ -70,6 +70,9 @@
- Replace libsoup-devel with pkgconfig(libsoup-2.4) BuildRequires,
as this is what really checks for. Needed as libsoup-3.0 is
released.
+- 5.9.1
+ - README: added a missing " to pki example command (bsc#1167880)
+ - fixed a libgcrypt call in FIPS mode (bsc#1180801)
-------------------------------------------------------------------
Mon Sep 7 08:38:01 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
Comments 0