diff options
author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-10-21 11:14:02 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-10-21 11:14:02 +0000 |
commit | 7410d3c6d6a9a1cd7aa55083c938946af6ff9498 (patch) | |
tree | 3291beffa55649f9be28b4a98a7d503d334fbcf2 /NEWS | |
parent | 41787e147279ff0695e9d759487266a60b80867b (diff) | |
download | vyos-strongswan-7410d3c6d6a9a1cd7aa55083c938946af6ff9498.tar.gz vyos-strongswan-7410d3c6d6a9a1cd7aa55083c938946af6ff9498.zip |
[svn-upgrade] Integrating new upstream version, strongswan (4.3.4)
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 34 |
1 files changed, 34 insertions, 0 deletions
@@ -1,3 +1,37 @@ +strongswan-4.3.4 +---------------- + +- IKEv2 charon daemon ported to FreeBSD and Mac OS X. Installation details can + be found on wiki.strongswan.org. + +- ipsec statusall shows the number of bytes transmitted and received over + ESP connections configured by the IKEv2 charon daemon. + +- The IKEv2 charon daemon supports include files in ipsec.secrets. + + +strongswan-4.3.3 +---------------- + +- The configuration option --enable-integrity-test plus the strongswan.conf + option libstrongswan.integrity_test = yes activate integrity tests + of the IKE daemons charon and pluto, libstrongswan and all loaded + plugins. Thus dynamic library misconfigurations and non-malicious file + manipulations can be reliably detected. + +- The new default setting libstrongswan.ecp_x_coordinate_only=yes allows + IKEv1 interoperability with MS Windows using the ECP DH groups 19 and 20. + +- The IKEv1 pluto daemon now supports the AES-CCM and AES-GCM ESP + authenticated encryption algorithms. + +- The IKEv1 pluto daemon now supports V4 OpenPGP keys. + +- The RDN parser vulnerability discovered by Orange Labs research team + was not completely fixed in version 4.3.2. Some more modifications + had to be applied to the asn1_length() function to make it robust. + + strongswan-4.3.2 ---------------- |