You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa strongswan

Sigurnosni nedostaci programskog paketa strongswan

——————————————————————————–
Fedora Update Notification
FEDORA-2015-5247
2015-04-01 21:10:56
——————————————————————————–

Name : strongswan
Product : Fedora 21
Version : 5.3.2
Release : 1.fc21
URL : http://www.strongswan.org/
Summary : An OpenSource IPsec-based VPN and TNC solution
Description :
The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key
exchange protocols in conjunction with the native NETKEY IPsec stack of the
Linux kernel.

——————————————————————————–
Update Information:

New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.
——————————————————————————–
ChangeLog:

* Tue Jun 9 2015 Pavel Šimerda <psimerda@redhat.com>
– new version 5.3.2
* Fri Jun 5 2015 Pavel Šimerda <psimerda@redhat.com>
– new version 5.3.1
* Tue Mar 31 2015 Pavel Šimerda <psimerda@redhat.com>
– new version 5.3.0
* Fri Feb 20 2015 Avesh Agarwal <avagarwa@redhat.com> – 5.2.2-2
– Fixes strongswan swanctl service issue rhbz#1193106
* Tue Jan 6 2015 Pavel Šimerda <psimerda@redhat.com> – 5.2.2-1
– new version 5.2.2
* Thu Dec 18 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.2.2-0.2.dr1
– Enabled ccm, and ctr plugins as it seems enabling just openssl does
not work for using ccm and ctr algos.
* Mon Dec 8 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.2.2-0.1.dr1
– New strongswan developer release 5.2.2dr1
* Mon Nov 24 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.2.1-2
– 1167331: Enabled native systemd support.
– Does not disable old systemd, starter, ipsec.conf support yet.
* Thu Oct 30 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.2.1-1
– New upstream release 5.2.1
* Thu Oct 16 2014 Avesh Agarwal <avagarwa@redhat.com> – 5.2.1-0.2.rc1
– New upstream release candidate 5.2.1rc1
* Fri Oct 10 2014 Pavel Šimerda <psimerda@redhat.com> – 5.2.1-1
– new version 5.2.1dr1
* Thu Sep 25 2014 Pavel Šimerda <psimerda@redhat.com> – 5.2.0-7
– use upstream patch for json/json-c dependency
* Thu Sep 25 2014 Pavel Šimerda <psimerda@redhat.com> – 5.2.0-6
– Resolves: #1146145 – Strongswan is compiled without xauth-noauth plugin
——————————————————————————–
References:

[ 1 ] Bug #1228819 – CVE-2015-3991 strongswan: incorrect payload processing for different IKE versions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1228819
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update strongswan’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2015-5279
2015-04-02 00:25:16
——————————————————————————–

Name : strongswan
Product : Fedora 22
Version : 5.3.2
Release : 1.fc22
URL : http://www.strongswan.org/
Summary : An OpenSource IPsec-based VPN and TNC solution
Description :
The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key
exchange protocols in conjunction with the native NETKEY IPsec stack of the
Linux kernel.

——————————————————————————–
Update Information:

New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.
——————————————————————————–
ChangeLog:

* Tue Jun 9 2015 Pavel Šimerda <psimerda@redhat.com>
– new version 5.3.2
* Fri Jun 5 2015 Pavel Šimerda <psimerda@redhat.com>
– new version 5.3.1
* Tue Mar 31 2015 Pavel Šimerda <psimerda@redhat.com>
– new version 5.3.0
——————————————————————————–
References:

[ 1 ] Bug #1178956 – CVE-2014-9221 strongswan: denial-of-service vulnerability in libtls when processing crafted Key Exchange payload [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1178956
[ 2 ] Bug #1228819 – CVE-2015-3991 strongswan: incorrect payload processing for different IKE versions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1228819
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update strongswan’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostatak u jezgri operacijskog sustava

Otkriven je sigurnosni nedostatak u jezgri operacijskog sustava Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje informacija. Svim korisnicima savjetuje se...

Close