Sophie

• Search
• Distribution
• Explorer
• Source & Patches
• Chat
• Help
• About

distrib > Fedora > 14 > i386 > media > updates > by-pkgid > ea5fd7599d200744aaa7d4954b74d62f > changelog

openswan-2.6.33-3.fc14.i686.rpm

• Info
• Deps
• Files
• Scripts
• ChangeLog
• Location
• Others versions
• Analyse

• Fri Oct 28 2011 Avesh Agarwal <avagarwa@redhat.com> - 2.6.33-3

  - Fixes for cve-2011-4073

• Wed Oct 5 2011 Avesh Agarwal <avagarwa@redhat.com> - 2.6.33-2

  - Fixes for cve-2011-3380

• Wed Mar 9 2011 Avesh Agarwal <avagarwa@redhat.com> - 2.6.33-1

  - New upstream release openswan
  - Updated local patches
  - Removed USE_MODP_RFC5114 as upstream enabled it by default
  - updated spec file to reflect upstream changes related to doc

• Wed Oct 20 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.31-1

  - New upstream release openswan-2.6.31

• Thu Sep 30 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.29-2

  - rhbz#636572, fix to openswan default start issue

• Mon Sep 27 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.29-1

  - New upstream release
  - Fixes for CVE-2010-3308 and CVE-2010-3302

• Fri Aug 13 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.28-1

  - New upstream release
  - Updated existing patches
  - Changed man to man-db in Buildrequires

• Fri Jul 2 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.27-1

  - NetworkManager-openswan plugin related changes
  - Fixes for bz 600167
  - Fixes for bz 600174
  - Fixes for bz 584224
  - Updated old patches

• Sat May 29 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.25-2

  - NetworkManager-openswan plugin related changes
  - Fixes for bz 584224

• Mon Mar 29 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.25-1

  - New upstream release
  - Updated existing patches that could not make into this release

• Thu Mar 18 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.24-5

  - Openswan-cisco interop functionality now inlcludes the
  processing of domain defintion attributes obtained from Cisco
  VPN server
  - Openswan client can update and restore /etc/resolv.conf file
  based on the DNS information obtained Cisco VPN server
  - Implementation of new Diffie-Hellman groups as in RFC 5114

• Wed Mar 3 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.24-4

  - Fixes for openswan-cisco interop functionality
  - Fix for the issue of hardcoded 96 bits of hmac sha1/md5
  - Fix for eliminating compile time warnings
  - Fix for the issueo where ipsec help shows the list twice
  (rhbz 524146, 509318)
  - Implementation of ikev2 transport mode support
  (rhbz 568652, 561042)
  - Fix for the issue when pluto's child can not add routes,
  related to libcan-ng (rhbz 568493, 550023)
  - Fix for the issue of xauth password when read from prompt
  - Some subcommad (spi, spigrp, tncfg) are not used with NETKEY,
  a proper error handling has been added for this issue.
  (rhbz 568648, 560596)
  - Fix for Openswan-win2k issue where ports are not handled
  correctly (rhbz 563779)

• Thu Feb 18 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.24-3

  - Fix for making explicit (or avoiding implicit) linking
  for pthread (#565410)
  - Modified package description
  - Fixed a typo (IKEv2 RFC number).

• Mon Feb 8 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.24-2

  - Modified summary in spec file
  - Replaced buildroot with RPM_BUILD_ROOT in spec file
  - Included html files in the doc package
  - Patch for disabling openswan startup at the system
  boot by default

• Mon Jan 11 2010 Avesh Agarwal <avagarwa@redhat.com> - 2.6.24-1

  - New upstream release
  - Cisco interop patches
  - Improved init script
  - Fix to allow ";" in the ike/esp parameters
  - Fix to unset IKEv2 Critical flag for payloads defined in RFC 4306
  - Fix to Zeroize ISAKMP and IPsec SA's when in FIPS mode
  - Fix to the issue where Some programs were installed
  twice causing .old files
  - lwdns.req.log moved from /var/tmp/ to /var/run/pluto/ .
  This is to avoid an SElinux AVC Denial

• Wed Sep 9 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.23-1

  - New upstream release
  - Supports smartcards now
  - Supports PSK with NSS
  - Supports libcap-ng for lowering capabilities of pluto process
  - Updated README.nss

• Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.22-2

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

• Thu Jul 23 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.22-1

  - New upstream release
  - Added support for using PSK with NSS
  - Fixed several warnings and undid unnecessary debug messages
  - Updated README.nss with an example configuration
  - Moved README.nss to openswan/doc/
  - Improved FIPS integrity check functionality

• Mon Jul 6 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-5

  - Added support for using PSK with NSS
  - Fixed several warnings and undid unnecessary comments
  - Updated README.nss with an example configuration
  - Fixed Openswan ASN.1 parser vulnerability (CVE-2009-2185)

• Tue Apr 14 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-4

  - Updated the Openswan-NSS porting to enable nss and fipscheck by default
  - fipscheck requires fipscheck-devel library

• Tue Apr 14 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-3

  - Updated the Openswan-NSS porting to enable nss by default
  - The patch includes README.nss for information about NSS usage

• Mon Apr 13 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-2

  - Applied patch to support NSS, currently disabled due to
  dependency on rh bz #491693
  - The patch also supports fips check integrity
  (requires fipscheck-devel library)

• Mon Mar 30 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-1

  - new upstream release
  - Fix for CVE-2009-0790 DPD crasher
  - Fix remaining SADB_EXT_MAX -> K_SADB_EXT_MAX entries
  - Fix ipsec setup --status not showing amount of tunnels with netkey

• Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.19-2

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

• Tue Nov 25 2008 Avesh Agarwal <avagarwa@redhat.com> - 2.6.19-1

  - new upstream release

• Mon Oct 13 2008 Avesh Agarwal <avagarwa@redhat.com> - 2.6.18-2

  - Addressed some issues related to buzilla 447419
  - Added xmlto and bind-devel to BuildRequires
  - Removed the patch openswan-2.6-noxmlto.patch
  - Removed the command "rm -rf programs/readwriteconf" from the spec file
  as readwriteconf is used with "make check" for debugging purposes.
  - Removed USE_LWRES=false from the spec file as it has been
  obsolete in upstream (using bind-devel instead)

• Mon Oct 6 2008 Avesh Agarwal <avagarwa@redhat.com> - 2.6.18-1

  - new upstream release
  - modified default ipsec.conf to address rhbz#463931

• Fri Sep 12 2008 Avesh Agarwal <avagarwa@redhat.com> - 2.6.16-2

  - added initscript patch to prevent openswan service start by default

• Tue Sep 9 2008 Avesh Agarwal <avagarwa@redhat.com> - 2.6.16-1

  - new upstream release

• Sat Jul 5 2008 Steve Grubb <sgrubb@redhat.com> - 2.6.15-1

  - new upstream release

• Fri Jun 6 2008 Steve Grubb <sgrubb@redhat.com> - 2.6.14-1

  - new upstream release

• Tue Mar 18 2008 Steve Conklin <sconklin@redhat.com> - 2.6.09-2

  - removing patch - using upstream init script as is

• Wed Mar 12 2008 Steve Conklin <sconklin@redhat.com> - 2.6.08-1

  - Moved to latest upstream
  - Replaced the init script source file with a patch to the upstream one
  - (no functional changes to the init script)
  - Added protostack=netkey to ipsec.conf
  - New patch to include definition of HOST_NAME_MAX

• Mon Feb 11 2008 Steve Conklin <sconklin@redhat.com> - 2.6.07-1

  - Moved to latest upstream

• Thu Feb 7 2008 Steve Conklin <sconklin@redhat.com> - 2.6.05-1

  - Removed check for selinux enforcing mode in verify script
  - Moved to latest upstream

• Mon Jan 28 2008 Steve Conklin <sconklin@redhat.com> - 2.6.04-1

  - Move to new upstream source

• Thu Jan 24 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-9

  - Added af_key module load to init script
  - Removed spurious warning about interfaces=

• Mon Jan 21 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-8

  Related: rhbz#235224
  - rpmdiff spotted these:
  - Cleaned out unused man page
  - patch error in barf script

• Fri Jan 18 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-7

  - Addressed the last set of small changes for package review

• Thu Jan 17 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-6

  - Moved everything else out of /usr/lib
  - Added tmraz's patch to remove extra slashes in makefile
  - Removed macros from changelog entries

• Thu Jan 17 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-5

  - Removed userland macros from spec file

• Thu Jan 17 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-4

  - Removed use of xmlto and the BuildRequires
  - moved scripts from /usr/lib to /usr/libexec
  - removed man3 pages for libopenswan functions (we don't deliver)

• Wed Jan 16 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-3

  - Removed _smp_mflags macro from from the spec file build section
  - Added BuildRequires for xmlto
  - Changed License from GPL to GPL+
  - removed klips ifdefs from spec file
  - Added patch to move example configs to doc dir
  - Added a patch to make the link to init script relative,
  for chroot environments

• Fri Jan 11 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-2

  - Removed copy of file that no longer exists

• Fri Jan 11 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-1

  - Latest upstream tarball, includes fixes

• Thu Jan 10 2008 Steve Conklin <sconklin@redhat.com> - 2.6.02-2

  - Rebase to 2.6.02, add initial ikev2 support

• Mon Sep 17 2007 Steve Conklin <sconklin@redhat.com> - 2.4.9-2

  - Forgot changelog on last entry

• Mon Sep 17 2007 Steve Conklin <sconklin@redhat.com> - 2.4.9-1

  - sync to upstream latest

• Tue Mar 20 2007 Florian La Roche <laroche@redhat.com> - 2.4.7-3

  - do not use epoch macro, it is unset

• Wed Feb 28 2007 Harald Hoyer <harald@redhat.com> - 2.4.7-2

  - specfile review

• Fri Jan 26 2007 Harald Hoyer <harald@redhat.com> - 2.4.7-1

  - removed key generation from install phase
  - version 2.4.7

• Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.4.5-2.1

  - rebuild

• Wed May 17 2006 Harald Hoyer <harald@redhat.com> - 2.4.5-2

  - fixed typo (bug #191930)

• Fri May 5 2006 Harald Hoyer <harald@redhat.com> - 2.4.5-1

  - version 2.4.5

• Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2.4.4-1.1.2.1

  - bump again for double-long bug on ppc(64)

• Tue Feb 7 2006 Jesse Keating <jkeating@redhat.com> - 2.4.4-1.1.2

  - rebuilt for new gcc4.1 snapshot and glibc changes

• Fri Dec 9 2005 Jesse Keating <jkeating@redhat.com>

  - rebuilt

• Fri Nov 18 2005 Harald Hoyer <harald@redhat.com> - 2.4.4-1.1

  - version 2.4.4
  - fixes NISCC Vulnerability Advisory 273756/NISCC/ISAKMP
  - fixes NISCC Advisory 3756/NISCC/ISAKMP

• Wed Nov 2 2005 Harald Hoyer <harald@redhat.com> - 2.4.2-0.dr5.1

  - version 2.4.2dr5

• Tue Oct 25 2005 Harald Hoyer <harald@redhat.com> - 2.4.2-0.dr1.1

  - version 2.4.2dr1

• Tue Sep 13 2005 Harald Hoyer <harald@redhat.com> - 2.4.0-1

  - version 2.4.0

• Wed Aug 31 2005 Harald Hoyer <harald@redhat.com> - 2.4.0-0.rc4.1

  - new version

• Sun Jul 31 2005 Florian La Roche <laroche@redhat.com>

  - remove sysv startup links to build with current rpm

• Thu May 12 2005 Harald Hoyer <harald@redhat.com> - 2.3.1-3

  - added openswan-2.3.1-nat_t_aggr.patch
  - added openswan-2.3.1-iproute2.patch
  - added openswan-2.3.1-cisco.patch
  - NAT-T/XAUTH/AGGR-MODE is now possible with a Cisco VPN 3000

• Wed Apr 27 2005 Harald Hoyer <harald@redhat.com> - 2.3.1-2

  - added Requires(post) of coreutils bash (bug 155699)
  - added Requires(preun) initscripts chkconfig

• Wed Apr 13 2005 Harald Hoyer <harald@redhat.com> - 2.3.1-1

  - version 2.3.1

• Mon Apr 4 2005 Jeremy Katz <katzj@redhat.com> - 2.3.0-6

  - remove some duplicate copies of the docs

• Wed Mar 2 2005 Harald Hoyer <harald@redhat.com>

  - rebuilt

• Mon Feb 21 2005 Harald Hoyer <harald@redhat.com> - 2.3.0-4

  - fixed bug rh#149164

• Fri Feb 18 2005 Harald Hoyer <harald@redhat.com> - 2.3.0-3

  - patched code to compile with gcc4

• Fri Jan 14 2005 Harald Hoyer <harald@redhat.com> - 2.3.0-2

  - Do not enable the initscript per default

• Tue Jan 11 2005 Harald Hoyer <harald@redhat.com> - 2.3.0-1

  - version 2.3.0
  - reimported specfile
  - PIEd openswan
  - cleaned up initial config files and added include directives
  for easy config drop in

• Wed Jan 5 2005 Paul Wouters <paul@xelerance.com>

  - Updated for x86_64 and klips on 2.6

• Tue Nov 2 2004 Dan Walsh <dwalsh@redhat.com> - 2.1.5-3

  - Apply selinux patch

• Thu Oct 21 2004 Bill Nottingham <notting@redhat.com> - 2.1.5-2

  - don't run by default. again.

• Wed Oct 13 2004 Harald Hoyer <harald@redhat.com> - 2.1.5-1

  - added selinux patch from Daniel Walsh
  - initscript now uses translated strings
  - version 2.1.5 with minor fixes

• Tue Sep 21 2004 Harald Hoyer <harald@redhat.com> - 2.1.4-7

  - added more build reqs (bug #132877)

• Thu Sep 9 2004 Bill Nottingham <notting@redhat.com> - 2.1.4-6

  - don't run by default
  - don't create/chmod directories in %post, just include them with the
  right perms
  - fix debuginfo
  - fix docs

• Mon Aug 23 2004 Jason Vas Dias <jvdias@redhat.com> - 2.1.4-5

  - Added debuginfo package

• Mon Aug 23 2004 Jason Vas Dias <jvdias@redhat.com> - 2.1.4-4

  - Install man-pages
  - Fix initscript 'fail()' func to write newline before failure()

• Thu Aug 19 2004 Jason Vas Dias <jvdias@redhat.com> - 2.1.4-3

  - Fix 'service ipsec status' output

• Wed Aug 18 2004 Jason Vas Dias <jvdias@redhat.com> - 2.1.4-2

  - Normalize initscripts for Red Hat and add translation string support

• Tue Aug 17 2004 Harald Hoyer <harald@redhat.com> - 2.1.4-1

  - initial import

• Tue May 25 2004 Ken Bantoft <ken@xelerance.com>

  - Initial version, based on FreeS/WAN .spec