[el5_u4_base] openswan-doc-2.6.21-5.el5.i386

This package contains extensive documentation of the Openswan IPSEC
system.

Changelog (Show File list) (Show related packages)

• Tue Jul 14 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-5

  - Improved FIPS integrity check functionality
  Resolves: #469763 FIPS-140: Add integrity checking

• Fri Jun 26 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-4

  - Added support for using PSK with NSS (rhbz 507844)
  - Fixed several warnings and undid unnecessary comments
  - Updated README.nss with an example configuration
  - Fixed Openswan ASN.1 parser vulnerability (CVE-2009-2185)
  Resolves: CVE-2009-2185
  Resolves: #507844

• Mon May 18 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-3

  - Revised patch to support fips integrity check functionality
  Resolves: #469763 FIPS-140: Add integrity checking

• Fri May 08 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-2

  - Revised patch to support fips integrity check functionality
  Resolves: #469763 FIPS-140: Add integrity checking

• Tue Apr 21 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.21-1

  - Upstream release
  - Major patches for support of NSS and fipscheck libraries
  Resolves: #444801 FIPS-140-2: Meet certification requirements for pluto
  Resolves: #469763 FIPS-140: Add integrity checking
  Resolves: #438998 Openswan's 'cannot route...' problem
  Resolves: #449725 Openswan seg fault using manual keying.
  Resolves: #463931 /etc/ipsec.conf includes /etc/ipsec.d/*.conf which is missing
  Resolves: #466861 avc: denied { write } for pid=2193 comm="ip" path="/var/run/pluto/ipsec_setup.out"
  Resolves: #487708 Misleading package description

• Fri Mar 27 2009 Avesh Agarwal <avagarwa@redhat.com> - 2.6.14-2

  - security update (CVE-2009-0790, CVE-2008-4190)
  Resolves: CVE-2009-0790, CVE-2008-4190

• Fri Jun 06 2008 Steve Grubb <sgrubb@redhat.com> - 2.6.14-1

  - new upstream release
  Resolves: #444575 openswan doesn't delete expired SA's

• Thu Jun 05 2008 Steve Grubb <sgrubb@redhat.com> - 2.6.14rc10-1

  - new upstream release

• Wed Jun 04 2008 Steve Grubb <sgrubb@redhat.com> - 2.6.14rc7-1

  - new upstream release
  Resolves: #439771 openswan and strongswan fail to interoperate with IKEv2
  Resolves: #441383 openswan should negotiate CCM algorithm
  Resolves: #442955 openswan doesn't accept null esp auth alg
  Resolves: #442956 openswan logging segfault when phase2alg=null
  Resolves: #444166 openswan IKEv2 crashes when interoperating with racoon2

• Wed Apr 23 2008 Steve Grubb <sgrubb@redhat.com> - 2.6.12-2

  Resolves: #442333 AVC denials on start of openswan host-to-host tunnel

• Tue Apr 22 2008 Steve Grubb <sgrubb@redhat.com> - 2.6.12-1

  - new upstream release
  Resolves: #432821 left/rightsourceip tags not working
  Resolves: #439985 opeswan IKEv2 responder fails when encr=aes and dh=modp1024
  Resolves: #441588 openswan IKEv2 crashes when interoperating with racoon2
  Resolves: #442333 AVC denials on start of openswan host-to-host tunnel

• Wed Apr 09 2008 Steve Grubb <sgrubb@redhat.com> - 2.6.11-1

  - new upstream release
  Resolves: #438826 openswan IKEv2 hangs between intel and ppc64 machines
  Resolves: #439985 opeswan IKEv2 responder fails when encr=aes and dh=modp1024

• Fri Mar 14 2008 Steve Conklin <sconklin@redhat.com> - 2.6.09-1

  Resolves: rhbz#432315
  Resolves: rhbz#432805
  Resolves: rhbz#432821
  - Moved to latest upstream
  - removed init script patch and will use upstream
  - Added protostack=netkey to ipsec.conf
  - New patch to include definition of HOST_NAME_MAX

• Fri Feb 08 2008 Linda Wang <lwang@redhat.com> - 2.6.07-2

  Related: rhbz#253052
  - Latest upstream

• Fri Feb 08 2008 Linda Wang <lwang@redhat.com> - 2.6.07-1

  Related: rhbz#253052
  - Latest upstream

• Thu Feb 07 2008 Steve Conklin <sconklin@redhat.com> - 2.6.05-1

  - Latest upstream
  - remove selinux test and message from verify script
  - forgot the following bz earlier
  Resolves: rhbz#253052 Request for IPSec IKEv2

• Tue Jan 29 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-9

  - cleanup some init problems
  Resolves: rhbz#430149 openswan init script errors
  Resolves: rhbz#430150 openswan emits spurious warnings

• Mon Jan 21 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-8

  Related: rhbz#235224
  - rpmdiff spotted these:
  - Cleaned out unused man page
  - patch error in barf script

• Fri Jan 18 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-7

  - Addressed the last set of small changes for package review

• Thu Jan 17 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-6

  - Moved everything else out of /usr/lib
  - Added tmraz's patch to remove extra slashes in makefile
  - Removed macros from changelog entries

• Thu Jan 17 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-5

  - Removed userland macros from spec file

• Thu Jan 17 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-4

  - Removed use of xmlto and the BuildRequires
  - moved scripts from /usr/lib to /usr/libexec
  - removed man3 pages for libopenswan functions (we don't deliver)

• Wed Jan 16 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-3

  - Removed _smp_mflags macro from from the spec file build section
  - Added BuildRequires for xmlto
  - Changed License from GPL to GPL+
  - removed klips ifdefs from spec file
  - Added patch to move example configs to doc dir
  - Added a patch to make the link to init script relative, 
    for chroot environments

• Fri Jan 11 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-2

  - Removed copy of file that no longer exists

• Fri Jan 11 2008 Steve Conklin <sconklin@redhat.com> - 2.6.03-1

  - Latest upstream tarball, includes fixes

• Thu Jan 10 2008 Steve Conklin <sconklin@redhat.com> - 2.6.02-2

  - Rebase to 2.6.02, add initial ikev2 support

• Mon Sep 17 2007 Steve Conklin <sconklin@redhat.com> - 2.4.9-2

  - Forgot changelog on last entry

• Mon Sep 17 2007 Steve Conklin <sconklin@redhat.com> - 2.4.9-1

  - sync to upstream latest

• Tue Mar 20 2007 Florian La Roche <laroche@redhat.com> - 2.4.7-3

  - do not use epoch macro, it is unset

• Wed Feb 28 2007 Harald Hoyer <harald@redhat.com> - 2.4.7-2

  - specfile review

• Fri Jan 26 2007 Harald Hoyer <harald@redhat.com> - 2.4.7-1

  - removed key generation from install phase
  - version 2.4.7

• Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.4.5-2.1

  - rebuild

• Wed May 17 2006 Harald Hoyer <harald@redhat.com> - 2.4.5-2

  - fixed typo (bug #191930)

• Fri May 05 2006 Harald Hoyer <harald@redhat.com> - 2.4.5-1

  - version 2.4.5

• Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2.4.4-1.1.2.1

  - bump again for double-long bug on ppc(64)

• Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2.4.4-1.1.2

  - rebuilt for new gcc4.1 snapshot and glibc changes

• Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>

  - rebuilt

• Fri Nov 18 2005 Harald Hoyer <harald@redhat.com> - 2.4.4-1.1

  - version 2.4.4
  - fixes NISCC Vulnerability Advisory 273756/NISCC/ISAKMP
  - fixes NISCC Advisory 3756/NISCC/ISAKMP

• Wed Nov 02 2005 Harald Hoyer <harald@redhat.com> - 2.4.2-0.dr5.1

  - version 2.4.2dr5

• Tue Oct 25 2005 Harald Hoyer <harald@redhat.com> - 2.4.2-0.dr1.1

  - version 2.4.2dr1

• Tue Sep 13 2005 Harald Hoyer <harald@redhat.com> - 2.4.0-1

  - version 2.4.0

• Wed Aug 31 2005 Harald Hoyer <harald@redhat.com> - 2.4.0-0.rc4.1

  - new version

• Sun Jul 31 2005 Florian La Roche <laroche@redhat.com>

  - remove sysv startup links to build with current rpm

• Thu May 12 2005 Harald Hoyer <harald@redhat.com> - 2.3.1-3

  - added openswan-2.3.1-nat_t_aggr.patch
  - added openswan-2.3.1-iproute2.patch
  - added openswan-2.3.1-cisco.patch
  - NAT-T/XAUTH/AGGR-MODE is now possible with a Cisco VPN 3000

• Wed Apr 27 2005 Harald Hoyer <harald@redhat.com> - 2.3.1-2

  - added Requires(post) of coreutils bash (bug 155699)
  - added Requires(preun) initscripts chkconfig

• Wed Apr 13 2005 Harald Hoyer <harald@redhat.com> - 2.3.1-1

  - version 2.3.1

• Mon Apr 04 2005 Jeremy Katz <katzj@redhat.com> - 2.3.0-6

  - remove some duplicate copies of the docs

• Wed Mar 02 2005 Harald Hoyer <harald@redhat.com>

  - rebuilt

• Mon Feb 21 2005 Harald Hoyer <harald@redhat.com> - 2.3.0-4

  - fixed bug rh#149164

• Fri Feb 18 2005 Harald Hoyer <harald@redhat.com> - 2.3.0-3

  - patched code to compile with gcc4

• Fri Jan 14 2005 Harald Hoyer <harald@redhat.com> - 2.3.0-2

  - Do not enable the initscript per default

• Tue Jan 11 2005 Harald Hoyer <harald@redhat.com> - 2.3.0-1

  - version 2.3.0
  - reimported specfile
  - PIEd openswan
  - cleaned up initial config files and added include directives
    for easy config drop in

• Wed Jan 05 2005 Paul Wouters <paul@xelerance.com>

  - Updated for x86_64 and klips on 2.6

• Tue Nov 02 2004 Dan Walsh <dwalsh@redhat.com> - 2.1.5-3

  - Apply selinux patch

• Thu Oct 21 2004 Bill Nottingham <notting@redhat.com> - 2.1.5-2

  - don't run by default. again.

• Wed Oct 13 2004 Harald Hoyer <harald@redhat.com> - 2.1.5-1

  - added selinux patch from Daniel Walsh
  - initscript now uses translated strings
  - version 2.1.5 with minor fixes

• Tue Sep 21 2004 Harald Hoyer <harald@redhat.com> - 2.1.4-7

  - added more build reqs (bug #132877)

• Thu Sep 09 2004 Bill Nottingham <notting@redhat.com> - 2.1.4-6

  - don't run by default
  - don't create/chmod directories in %post, just include them with the
    right perms
  - fix debuginfo
  - fix docs

• Mon Aug 23 2004 Jason Vas Dias <jvdias@redhat.com> - 2.1.4-5

  - Added debuginfo package

• Mon Aug 23 2004 Jason Vas Dias <jvdias@redhat.com> - 2.1.4-4

  - Install man-pages
  - Fix initscript 'fail()' func to write newline before failure()

• Thu Aug 19 2004 Jason Vas Dias <jvdias@redhat.com> - 2.1.4-3

  - Fix 'service ipsec status' output

• Wed Aug 18 2004 Jason Vas Dias <jvdias@redhat.com> - 2.1.4-2

  - Normalize initscripts for Red Hat and add translation string support

• Tue Aug 17 2004 Harald Hoyer <harald@redhat.com> - 2.1.4-1

  - initial import

• Tue May 25 2004 Ken Bantoft <ken@xelerance.com>

  - Initial version, based on FreeS/WAN .spec