A new update is available for Fedora Core - [SECURITY] Fedora Core 4 Update: openswan-2.4.4-1.0.FC4.1. Here the announcement:
Fedora Update Notification
FEDORA-2005-1093
2005-11-21
---------------------------------------------------------------------
Product : Fedora Core 4
Name : openswan
Version : 2.4.4
Release : 1.0.FC4.1
Summary : Openswan IPSEC implementation
Description :
Openswan is a free implementation of IPSEC & IKE for Linux. IPSEC is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services. These services allow you
to build secure tunnels through untrusted networks. Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel. The resulting
tunnel is a virtual private network or VPN.
This package contains the daemons and userland tools for setting up
Openswan on a freeswan enabled kernel.
---------------------------------------------------------------------
Update Information:
NISCC has reported two Denial of Service issues in Openswan.
The first involves a specially crafted 3DES packet with an
invalid key length.
The Openswan project has relased version 2.4.4 to fix both
issues.
See http://www.openswan.org/ for details.
---------------------------------------------------------------------
* Mon Nov 21 2005 Harald Hoyer <harald@redhat.com> - 2.4.4-1.0.FC4.1
- version 2.4.4
- fixes NISCC Vulnerability Advisory 273756/NISCC/ISAKMP
- fixes NISCC Advisory 3756/NISCC/ISAKMP
* Wed Nov 2 2005 Harald Hoyer <harald@redhat.com> - 2.4.2-0.dr5.1
- version 2.4.2dr5
* Tue Oct 25 2005 Harald Hoyer <harald@redhat.com> - 2.4.2-0.dr1.1
- version 2.4.2dr1
* Tue Sep 13 2005 Harald Hoyer <harald@redhat.com> - 2.4.0-1
- version 2.4.0
* Wed Aug 31 2005 Harald Hoyer <harald@redhat.com> - 2.4.0-0.rc4.1
- new version
* Sun Jul 31 2005 Florian La Roche <laroche@redhat.com>
- remove sysv startup links to build with current rpm
* Thu May 12 2005 Harald Hoyer <harald@redhat.com> - 2.3.1-3
- added openswan-2.3.1-nat_t_aggr.patch
- added openswan-2.3.1-iproute2.patch
- added openswan-2.3.1-cisco.patch
- NAT-T/XAUTH/AGGR-MODE is now possible with a Cisco VPN 3000
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
fe9bc3fa5ef955e12050a4e19fc2b9b6 SRPMS/openswan-2.4.4-1.0.FC4.1.src.rpm
8d46760e08073c0932fff34d4fe8da06 ppc/openswan-2.4.4-1.0.FC4.1.ppc.rpm
acc08c24adbc56dacbaa2f6313216bdd ppc/openswan-doc-2.4.4-1.0.FC4.1.ppc.rpm
57b16a581d23a636785cd592ba84bcdf x86_64/openswan-2.4.4-1.0.FC4.1.x86_64.rpm
e970d54a13742f49fe99862f8b286efe x86_64/openswan-doc-2.4.4-1.0.FC4.1.x86_64.rpm
ccf4eef51f820f89baa9f18a3a3ff15f i386/openswan-2.4.4-1.0.FC4.1.i386.rpm
4f952b746ab8d9bc95cb2e830f1313d2 i386/openswan-doc-2.4.4-1.0.FC4.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.