Back to bug 1389316
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Mirek Jahoda | 2016-10-27 12:46:12 UTC | Status | NEW | ASSIGNED |
| Doc Text | _libreswan_ rebased to version 3.15-8 Libreswan is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15-8, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following: * The nonce size is increased to meet the FIPS requirements when using the SHA2 algorithms. * Libreswan now calls the NetworkManager helper in case of a connection error. * All CRLdistributionpoints in a certificate are now processed. * Libreswan no longer tries to delete non-existing IPsec Security Associations (SAs). * The pluto IKE daemon now has the `CAP_DAC_READ_SEARCH` capability. * The pluto daemon no longer crashes when on-demand tunnels are used. * `pam_acct_mgmt` is now properly set. * Tunnels with "keyingtries=0" try to establish the tunnel indefinitely. * The delay before re-establishing the deleted tunnel that is configured to remain up is now less than a second. | |||
| Doc Type | Enhancement | Rebase: Bug Fixes and Enhancements | ||
| RHEL Program Management | 2016-10-27 13:00:35 UTC | Keywords | Rebase | |
| Mirek Jahoda | 2016-10-31 09:04:44 UTC | Doc Text | _libreswan_ rebased to version 3.15-8 Libreswan is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15-8, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following: * The nonce size is increased to meet the FIPS requirements when using the SHA2 algorithms. * Libreswan now calls the NetworkManager helper in case of a connection error. * All CRLdistributionpoints in a certificate are now processed. * Libreswan no longer tries to delete non-existing IPsec Security Associations (SAs). * The pluto IKE daemon now has the `CAP_DAC_READ_SEARCH` capability. * The pluto daemon no longer crashes when on-demand tunnels are used. * `pam_acct_mgmt` is now properly set. * Tunnels with "keyingtries=0" try to establish the tunnel indefinitely. * The delay before re-establishing the deleted tunnel that is configured to remain up is now less than a second. | _libreswan_ rebased to version 3.15 Libreswan is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following: * The nonce size is increased to meet the RFC requirements when using the SHA2 algorithms. * Libreswan now calls the *NetworkManager* helper in case of a connection error. * All CRLdistributionpoints in a certificate are now processed. * Libreswan no longer tries to delete non-existing IPsec Security Associations (SAs). * The *pluto* IKE daemon now has the `CAP_DAC_READ_SEARCH` capability. * *pluto* no longer crashes when on-demand tunnels are used. * `pam_acct_mgmt` is now properly set. * The regression was fixed so tunnels with "keyingtries=0" try to establish the tunnel indefinitely. * The delay before re-establishing the deleted tunnel that is configured to remain up is now less than a second. |
| Mirek Jahoda | 2016-11-02 08:32:01 UTC | Doc Text | _libreswan_ rebased to version 3.15 Libreswan is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following: * The nonce size is increased to meet the RFC requirements when using the SHA2 algorithms. * Libreswan now calls the *NetworkManager* helper in case of a connection error. * All CRLdistributionpoints in a certificate are now processed. * Libreswan no longer tries to delete non-existing IPsec Security Associations (SAs). * The *pluto* IKE daemon now has the `CAP_DAC_READ_SEARCH` capability. * *pluto* no longer crashes when on-demand tunnels are used. * `pam_acct_mgmt` is now properly set. * The regression was fixed so tunnels with "keyingtries=0" try to establish the tunnel indefinitely. * The delay before re-establishing the deleted tunnel that is configured to remain up is now less than a second. | _libreswan_ rebased to version 3.15 *Libreswan* is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following: * The nonce size is increased to meet the RFC requirements when using the SHA2 algorithms. * *Libreswan* now calls the *NetworkManager* helper in case of a connection error. * All *CRLdistributionpoints* in a certificate are now processed. * *Libreswan* no longer tries to delete non-existing IPsec Security Associations (SAs). * The *pluto* IKE daemon now has the `CAP_DAC_READ_SEARCH` capability. * *pluto* no longer crashes when on-demand tunnels are used. * `pam_acct_mgmt` is now properly set. * The regression was fixed so tunnels with "keyingtries=0" try to establish the tunnel indefinitely. * The delay before re-establishing the deleted tunnel that is configured to remain up is now less than one second. |
| Dmitri Pal | 2016-11-28 18:57:51 UTC | CC | dpal | |
| Summary | libreswan rebase (RHEL 7.3) | libreswan rebase (RHEL 7.4) | ||
| Mirek Jahoda | 2016-11-29 09:48:01 UTC | Status | ASSIGNED | CLOSED |
| Resolution | --- | CURRENTRELEASE | ||
| Flags | needinfo?(dpal) | |||
| Last Closed | 2016-11-29 04:48:01 UTC | |||
| Dmitri Pal | 2016-11-29 17:19:48 UTC | Flags | needinfo?(dpal) | |
| Mirek Jahoda | 2016-11-29 19:59:43 UTC | Summary | libreswan rebase (RHEL 7.4) | libreswan rebase (RHEL 7.3) |
| Alasdair Kergon | 2019-03-06 01:01:34 UTC | Pool ID | 220 | 238 |
Back to bug 1389316