A new update is available for Fedora Core - [SECURITY] Fedora Core 3 Update: openswan-2.4.4-0.FC3.1. Here the announcement:
Fedora Update Notification
FEDORA-2005-1092
2005-11-21
---------------------------------------------------------------------
Product : Fedora Core 3
Name : openswan
Version : 2.4.4
Release : 0.FC3.1
Summary : Openswan IPSEC implementation
Description :
Openswan is a free implementation of IPSEC & IKE for Linux. IPSEC is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services. These services allow you
to build secure tunnels through untrusted networks. Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel. The resulting
tunnel is a virtual private network or VPN.
This package contains the daemons and userland tools for setting up
Openswan on a freeswan enabled kernel.
---------------------------------------------------------------------
Update Information:
NISCC has reported two Denial of Service issues in Openswan.
The first involves a specially crafted 3DES packet with an
invalid key length.
The Openswan project has relased version 2.4.4 to fix both
issues.
See http://www.openswan.org/ for details.
---------------------------------------------------------------------
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
79f000a19d216fc95f1bd0f24bd1bf41 SRPMS/openswan-2.4.4-0.FC3.1.src.rpm
6fe24a0ab188b4b0e45d610bfda9b554 x86_64/openswan-2.4.4-0.FC3.1.x86_64.rpm
c1c42f6af380064673bfa648c37349ee x86_64/openswan-doc-2.4.4-0.FC3.1.x86_64.rpm
1dc85100f037b3b18db1a6f0069cad1e i386/openswan-2.4.4-0.FC3.1.i386.rpm
93e5a2376e1373ee40b8ad7960f89dc2 i386/openswan-doc-2.4.4-0.FC3.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.