[Announce] Openswan-2.4.4 released
Paul Wouters
paul at xelerance.com
Fri Nov 18 07:52:35 CET 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Today Xelerance released Openswan-2.4.4
This release fixes bug #2 that was a result from the PROTO IPsec test suite.
Note this bug was only a Denial of Service bug, and not a system compromise.
You also needed to know the PSK and use Aggressive Mode, a combination that
is vulnerable to a Man in the middle attack without any bugs in the code.
v2.4.4
#487 ASSERTION FAILED at state.c:120:IS_ISAKMP_ENCRYPTED(isakmp_sa->st_state)
(see http://www.openswan.org/niscc2/)
(proper fix in pluto_constants.h)
* Fix for kernels having strstr
* Various gcc4 warning fixes
* disable CONFIG_IPSEC_NAT_TRAVERSAL per default so we can build KLIPS on
Fedora systems.
* questionable spin_unlock commented out. Might fix reported SMP crashers.
* update to permit alg code without module support
* various updates to the RedHat specfile.
* Fix for detecting proper kernel source/header directory on fedora
* Various bugfixes as reported on http://bugs.openswan.org/
#499: check for module support in kernel for IPsec Modular Extensions
#500: recent awk breaks on 'setdefault' command
The source code is available via web and ftp:
http://www.openswan.org/code/
ftp://ftp.openswan.org/
Binaries should appear on the server and within the yum repositories
within the next day.
For further information, please see:
http://www.openswan.org/
The Openswan team
Xelerance Corp.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iQEVAwUBQ315jecYBqa1zCfhAQLZZAf+PhMc0f0OQ9P1vnvMSkUDNtYTvB+TTAeo
yPe/HnQR5aB0jqVKTnQgty9v2mGVn7iKOe2j+kY4nxjl+1qIoVODBEUh5SFGWaNQ
lWLN1XEyJnUu4zcsr136KTwnwkop2znUoEz9DlTm3cWCbT7vhGPIRGjBVXVRdz54
yNg4WNowaj0nqkG/HrAzztgsxbh1DJEvM6TfPqNCCYh30z/eRJQGLHNsAz+YAou7
izG8vry7rFgsBTUJ/ConhE9kCgMqXOSCiw+Q2BN1etLtktbd+Bx+ROg0stWmECiX
vrOpGKYZZKapB0GAFMXTEczK8hqmDU9nDDUfIiZiNtKF34q26vS+lw==
=PSoy
-----END PGP SIGNATURE-----
More information about the Announce
mailing list