[Swan-announce] Libreswan 3.12 released
The Libreswan Project
team at libreswan.org
Fri Nov 7 08:03:43 EET 2014
The Libreswan Project has released libreswan-3.12
This is a bugfix release, with mostly IKEv2 bugfixes, along with an
X509 chaining certificate bugfix.
You can download libreswan via https at:
https://download.libreswan.org/libreswan-3.12.tar.gz
https://download.libreswan.org/libreswan-3.12.tar.gz.asc
or via ftp at:
ftp://download.libreswan.org/libreswan-3.12.tar.gz
ftp://download.libreswan.org/libreswan-3.12.tar.gz.asc
The full changelog is available at:
https://download.libreswan.org/CHANGES
Please report bugs either via one of the mailinglists or at our bug tracker:
https://lists.libreswan.org/
https://bugs.libreswan.org/
Binary packages for RHEL/EPEL and Debian/Ubuntu can be found at
https://download.libreswan.org/binaries/
Binary packages for Fedora can be found in the respective fedora
repositories.
See also https://libreswan.org/
v3.12 (November 6, 2014)
* IKEv2: CP payload now installs internal address and dns [Antony]
* IKEv2: Don't try to decrypt if DH is incomplete [Antony]
* IKEv2: If applicable, add a CERTREQ payload in IKE_SA_INIT response [Antony]
* IKEv2: Fix parent I2 replace event delay [Antony]
* IKEv2: Liveness fix for restarting instantiated connection [Antony]
* IKEv2: Schedule expire instead of replace when rekey=no [Antony]
* IKEv2: Zero out CP payload before sending [Antony]
* IKEv2: Fix message id in create child sa response [Antony]
* IKEv2: Don't try to instantiate unoriented connections [Antoy]
* XAUTH: Fix 2 missing breaks when deciding on sending ModeCFG payloads [Paul]
* X509: Ensure that root CA does not end up in the ca_path list [Matt]
* pluto: Cleanup DYNDNS code and other clang warnings [Hugh]
* pluto: lswconf.c: getNSSPassword: fix bugs and tidy [Hugh]
* pluto: check return value of ike_alg_register_enc for twofish/serpent [Paul]
* pluto: fix various uninitialised variables in out_struct() calls [Paul/Hugh]
* KLIPS: Fix missing breaks in spi command algo type parsing [Paul]
* building: disable libcap-ng and NM support for OSX [Paul]
More information about the Swan-announce
mailing list