Back to bug 1389316

Who When What Removed Added
Mirek Jahoda 2016-10-27 12:46:12 UTC Status NEW ASSIGNED
Doc Text _libreswan_ rebased to version 3.15-8

Libreswan is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15-8, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following:

* The nonce size is increased to meet the FIPS requirements when using the SHA2 algorithms.

* Libreswan now calls the NetworkManager helper in case of a connection error.

* All CRLdistributionpoints in a certificate are now processed.

* Libreswan no longer tries to delete non-existing IPsec Security Associations (SAs).

* The pluto IKE daemon now has the `CAP_DAC_READ_SEARCH` capability.

* The pluto daemon no longer crashes when on-demand tunnels are used.

* `pam_acct_mgmt` is now properly set.

* Tunnels with "keyingtries=0" try to establish the tunnel indefinitely.

* The delay before re-establishing the deleted tunnel that is configured to remain up is now less than a second.
Doc Type Enhancement Rebase: Bug Fixes and Enhancements
RHEL Program Management 2016-10-27 13:00:35 UTC Keywords Rebase
Mirek Jahoda 2016-10-31 09:04:44 UTC Doc Text _libreswan_ rebased to version 3.15-8

Libreswan is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15-8, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following:

* The nonce size is increased to meet the FIPS requirements when using the SHA2 algorithms.

* Libreswan now calls the NetworkManager helper in case of a connection error.

* All CRLdistributionpoints in a certificate are now processed.

* Libreswan no longer tries to delete non-existing IPsec Security Associations (SAs).

* The pluto IKE daemon now has the `CAP_DAC_READ_SEARCH` capability.

* The pluto daemon no longer crashes when on-demand tunnels are used.

* `pam_acct_mgmt` is now properly set.

* Tunnels with "keyingtries=0" try to establish the tunnel indefinitely.

* The delay before re-establishing the deleted tunnel that is configured to remain up is now less than a second.
_libreswan_ rebased to version 3.15

Libreswan is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following:

* The nonce size is increased to meet the RFC requirements when using the SHA2 algorithms.

* Libreswan now calls the *NetworkManager* helper in case of a connection error.

* All CRLdistributionpoints in a certificate are now processed.

* Libreswan no longer tries to delete non-existing IPsec Security Associations (SAs).

* The *pluto* IKE daemon now has the `CAP_DAC_READ_SEARCH` capability.

* *pluto* no longer crashes when on-demand tunnels are used.

* `pam_acct_mgmt` is now properly set.

* The regression was fixed so tunnels with "keyingtries=0" try to establish the tunnel indefinitely.

* The delay before re-establishing the deleted tunnel that is configured to remain up is now less than a second.
Mirek Jahoda 2016-11-02 08:32:01 UTC Doc Text _libreswan_ rebased to version 3.15

Libreswan is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following:

* The nonce size is increased to meet the RFC requirements when using the SHA2 algorithms.

* Libreswan now calls the *NetworkManager* helper in case of a connection error.

* All CRLdistributionpoints in a certificate are now processed.

* Libreswan no longer tries to delete non-existing IPsec Security Associations (SAs).

* The *pluto* IKE daemon now has the `CAP_DAC_READ_SEARCH` capability.

* *pluto* no longer crashes when on-demand tunnels are used.

* `pam_acct_mgmt` is now properly set.

* The regression was fixed so tunnels with "keyingtries=0" try to establish the tunnel indefinitely.

* The delay before re-establishing the deleted tunnel that is configured to remain up is now less than a second.
_libreswan_ rebased to version 3.15

*Libreswan* is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following:

* The nonce size is increased to meet the RFC requirements when using the SHA2 algorithms.

* *Libreswan* now calls the *NetworkManager* helper in case of a connection error.

* All *CRLdistributionpoints* in a certificate are now processed.

* *Libreswan* no longer tries to delete non-existing IPsec Security Associations (SAs).

* The *pluto* IKE daemon now has the `CAP_DAC_READ_SEARCH` capability.

* *pluto* no longer crashes when on-demand tunnels are used.

* `pam_acct_mgmt` is now properly set.

* The regression was fixed so tunnels with "keyingtries=0" try to establish the tunnel indefinitely.

* The delay before re-establishing the deleted tunnel that is configured to remain up is now less than one second.
Dmitri Pal 2016-11-28 18:57:51 UTC CC dpal
Summary libreswan rebase (RHEL 7.3) libreswan rebase (RHEL 7.4)
Mirek Jahoda 2016-11-29 09:48:01 UTC Status ASSIGNED CLOSED
Resolution --- CURRENTRELEASE
Flags needinfo?(dpal)
Last Closed 2016-11-29 04:48:01 UTC
Dmitri Pal 2016-11-29 17:19:48 UTC Flags needinfo?(dpal)
Mirek Jahoda 2016-11-29 19:59:43 UTC Summary libreswan rebase (RHEL 7.4) libreswan rebase (RHEL 7.3)
Alasdair Kergon 2019-03-06 01:01:34 UTC Pool ID 220 238

Back to bug 1389316