[UCI-Linux] [SECURITY] Fedora Core 3 Update: openswan-2.4.4-0.FC3.1

Mike Iglesias iglesias at draco.acs.uci.edu
Mon Nov 21 10:00:30 PST 2005

From: "Harald Hoyer" <harald at redhat.com>
To: fedora-announce-list at redhat.com
Date: Mon, 21 Nov 2005 12:36:34 -0500
Subject: [SECURITY] Fedora Core 3 Update: openswan-2.4.4-0.FC3.1

Fedora Update Notification

Product     : Fedora Core 3
Name        : openswan
Version     : 2.4.4                      
Release     : 0.FC3.1                  
Summary     : Openswan IPSEC implementation
Description :

Openswan is a free implementation of IPSEC & IKE for Linux.  IPSEC is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services.  These services allow you
to build secure tunnels through untrusted networks.  Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel.  The resulting
tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
Openswan on a freeswan enabled kernel.

Update Information:

NISCC has reported two Denial of Service issues in Openswan.
 The first involves a specially crafted 3DES packet with an
invalid key length.

The Openswan project has relased version 2.4.4 to fix both

See http://www.openswan.org/ for details.

This update can be downloaded from:

79f000a19d216fc95f1bd0f24bd1bf41  SRPMS/openswan-2.4.4-0.FC3.1.src.rpm
6fe24a0ab188b4b0e45d610bfda9b554  x86_64/openswan-2.4.4-0.FC3.1.x86_64.rpm
c1c42f6af380064673bfa648c37349ee  x86_64/openswan-doc-2.4.4-0.FC3.1.x86_64.rpm
1dc85100f037b3b18db1a6f0069cad1e  i386/openswan-2.4.4-0.FC3.1.i386.rpm
93e5a2376e1373ee40b8ad7960f89dc2  i386/openswan-doc-2.4.4-0.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

fedora-announce-list mailing list
fedora-announce-list at redhat.com

More information about the UCI-Linux mailing list