Bug 1389316 - libreswan rebase (RHEL 7.3)
Summary: libreswan rebase (RHEL 7.3)
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: Red_Hat_Enterprise_Linux-Release_Notes-7-en-US
Version: 7.3
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: ---
Assignee: Mirek Jahoda
QA Contact:
Mirek Jahoda
Keywords: Documentation, FutureFeature, Rebase
Depends On:
TreeView+ depends on / blocked
Reported: 2016-10-27 12:45 UTC by Mirek Jahoda
Modified: 2019-03-06 01:01 UTC (History)
3 users (show)

_libreswan_ rebased to version 3.15

*Libreswan* is an implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE) for Linux. The _libreswan_ packages have been upgraded to upstream version 3.15, which provides a number of enhancements and bug fixes over the previous version. Notable changes include the following:

 * The nonce size is increased to meet the RFC requirements when using the SHA2 algorithms.

 * *Libreswan* now calls the *NetworkManager* helper in case of a connection error.

 * All *CRLdistributionpoints* in a certificate are now processed.

 * *Libreswan* no longer tries to delete non-existing IPsec Security Associations (SAs).

 * The *pluto* IKE daemon now has the `CAP_DAC_READ_SEARCH` capability.

 * *pluto* no longer crashes when on-demand tunnels are used.

 * `pam_acct_mgmt` is now properly set.

 * The regression was fixed so tunnels with "keyingtries=0" try to establish the tunnel indefinitely.

 * The delay before re-establishing the deleted tunnel that is configured to remain up is now less than one second.
Clone Of:
Last Closed: 2016-11-29 09:48:01 UTC

Attachments (Terms of Use)

Comment 1 Mirek Jahoda 2016-11-29 09:48:01 UTC
Summary: libreswan rebase (RHEL 7.3) → libreswan rebase (RHEL 7.4)
Flags: rhel-7.3.0? devel_ack? → rhel-7.4.0? devel_ack+

Hi Dmitri,

have you noticed the selected component of this BZ (Release Notes -> Doc BZ)?

Kind regards,

Note You need to log in before you can comment on or make changes to this bug.