[Announce] Openswan-2.4.4 released

Paul Wouters paul at xelerance.com
Fri Nov 18 01:52:35 EST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Today Xelerance released Openswan-2.4.4

This release fixes bug #2 that was a result from the PROTO IPsec test suite.
Note this bug was only a Denial of Service bug, and not a system compromise.
You also needed to know the PSK and use Aggressive Mode, a combination that
is vulnerable to a Man in the middle attack without any bugs in the code.

v2.4.4
  #487 ASSERTION FAILED at state.c:120:IS_ISAKMP_ENCRYPTED(isakmp_sa->st_state)
  (see http://www.openswan.org/niscc2/)
  (proper fix in pluto_constants.h)
* Fix for kernels having strstr
* Various gcc4 warning fixes
* disable CONFIG_IPSEC_NAT_TRAVERSAL per default so we can build KLIPS on
  Fedora systems.
* questionable spin_unlock commented out. Might fix reported SMP crashers.
* update to permit alg code without module support
* various updates to the RedHat specfile.
* Fix for detecting proper kernel source/header directory on fedora
* Various bugfixes as reported on http://bugs.openswan.org/
  #499: check for module support in kernel for IPsec Modular Extensions
  #500: recent awk breaks on 'setdefault' command


The source code is available via web and ftp:

http://www.openswan.org/code/
ftp://ftp.openswan.org/

Binaries should appear on the server and within the yum repositories
within the next day.

For further information, please see:

http://www.openswan.org/

The Openswan team
Xelerance Corp.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iQEVAwUBQ315jecYBqa1zCfhAQLZZAf+PhMc0f0OQ9P1vnvMSkUDNtYTvB+TTAeo
yPe/HnQR5aB0jqVKTnQgty9v2mGVn7iKOe2j+kY4nxjl+1qIoVODBEUh5SFGWaNQ
lWLN1XEyJnUu4zcsr136KTwnwkop2znUoEz9DlTm3cWCbT7vhGPIRGjBVXVRdz54
yNg4WNowaj0nqkG/HrAzztgsxbh1DJEvM6TfPqNCCYh30z/eRJQGLHNsAz+YAou7
izG8vry7rFgsBTUJ/ConhE9kCgMqXOSCiw+Q2BN1etLtktbd+Bx+ROg0stWmECiX
vrOpGKYZZKapB0GAFMXTEczK8hqmDU9nDDUfIiZiNtKF34q26vS+lw==
=PSoy
-----END PGP SIGNATURE-----


More information about the Announce mailing list