Fedora alert FEDORA-2015-5247 (strongswan)

From:
    	     
 
updates@fedoraproject.org 
To:
    	     
 
package-announce@lists.fedoraproject.org 
Subject:
    	     
 
[SECURITY] Fedora 21 Update: strongswan-5.3.2-1.fc21 
Date:
    	     
 
Wed, 19 Aug 2015 08:21:24 +0000
Message-ID:
    	     
 
<20150819082126.E8B0561AA4CA@bastion01.phx2.fedoraproject.org>
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-5247
2015-04-01 21:10:56
--------------------------------------------------------------------------------

Name        : strongswan
Product     : Fedora 21
Version     : 5.3.2
Release     : 1.fc21
URL         : http://www.strongswan.org/
Summary     : An OpenSource IPsec-based VPN and TNC solution
Description :
The strongSwan IPsec implementation supports both the IKEv1 and IKEv2 key
exchange protocols in conjunction with the native NETKEY IPsec stack of the
Linux kernel.

--------------------------------------------------------------------------------
Update Information:

New upstream release 5.3.2. Fixes CVE-2014-9221 and CVE-2015-3991.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun  9 2015 Pavel Šimerda <psimerda@redhat.com>
- new version 5.3.2
* Fri Jun  5 2015 Pavel Šimerda <psimerda@redhat.com>
- new version 5.3.1
* Tue Mar 31 2015 Pavel Šimerda <psimerda@redhat.com>
- new version 5.3.0
* Fri Feb 20 2015 Avesh Agarwal <avagarwa@redhat.com> - 5.2.2-2
- Fixes strongswan swanctl service issue rhbz#1193106
* Tue Jan  6 2015 Pavel Šimerda <psimerda@redhat.com> - 5.2.2-1
- new version 5.2.2
* Thu Dec 18 2014 Avesh Agarwal <avagarwa@redhat.com> - 5.2.2-0.2.dr1
- Enabled ccm, and ctr plugins as it seems enabling just openssl does
  not work for using ccm and ctr algos.
* Mon Dec  8 2014 Avesh Agarwal <avagarwa@redhat.com> - 5.2.2-0.1.dr1
- New strongswan developer release 5.2.2dr1
* Mon Nov 24 2014 Avesh Agarwal <avagarwa@redhat.com> - 5.2.1-2
- 1167331: Enabled native systemd support.
- Does not disable old systemd, starter, ipsec.conf support yet.
* Thu Oct 30 2014 Avesh Agarwal <avagarwa@redhat.com> - 5.2.1-1
- New upstream release 5.2.1
* Thu Oct 16 2014 Avesh Agarwal <avagarwa@redhat.com> - 5.2.1-0.2.rc1
- New upstream release candidate 5.2.1rc1
* Fri Oct 10 2014 Pavel Šimerda <psimerda@redhat.com> - 5.2.1-1
- new version 5.2.1dr1
* Thu Sep 25 2014 Pavel Šimerda <psimerda@redhat.com> - 5.2.0-7
- use upstream patch for json/json-c dependency
* Thu Sep 25 2014 Pavel Šimerda <psimerda@redhat.com> - 5.2.0-6
- Resolves: #1146145 - Strongswan is compiled without xauth-noauth plugin
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1228819 - CVE-2015-3991 strongswan: incorrect payload processing for different IKE
versions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1228819
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update strongswan' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...