[Openswan dev] Openswan 2.6.39 released, fixes CVE-2013-2053

Gilles Espinasse g.esp at free.fr
Tue Jun 4 06:42:42 UTC 2013

----- Mail original -----
> De: "Patrick Naubert" <patrickn at xelerance.com>
> À: announce at lists.openswan.org, users at lists.openswan.org, dev at lists.openswan.org
> Envoyé: Lundi 3 Juin 2013 22:51:22
> Objet: [Openswan dev] Openswan 2.6.39 released, fixes CVE-2013-2053
> Openswan 2.6.39 released to the community
Thank for the release

> v2.6.39 (May 31, 2013)
> 	• Fixed ipsec verify to avoid perl and use python instead. It helps
> 	during minimum install so that openswan does not have to pull perl
> 	packages, and it keeps minimal install really minimum. Also Removed
> 	compilation of ipsec policy subprogram as it is not needed with
> 	NETKEY. [Paul]

This change is problematic for minimal distrib that do not install python at all.
Only bash and perl are installed for scripting.
Adding python just for a small script is a non-sense for us.


More information about the Dev mailing list