[SECURITY] Fedora Core 3 Update: openswan-2.4.4-0.FC3.1

Harald Hoyer harald at redhat.com
Mon Nov 21 17:36:34 UTC 2005

Fedora Update Notification

Product     : Fedora Core 3
Name        : openswan
Version     : 2.4.4                      
Release     : 0.FC3.1                  
Summary     : Openswan IPSEC implementation
Description :

Openswan is a free implementation of IPSEC & IKE for Linux.  IPSEC is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services.  These services allow you
to build secure tunnels through untrusted networks.  Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel.  The resulting
tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
Openswan on a freeswan enabled kernel.

Update Information:

NISCC has reported two Denial of Service issues in Openswan.
 The first involves a specially crafted 3DES packet with an
invalid key length.

The Openswan project has relased version 2.4.4 to fix both

See http://www.openswan.org/ for details.

This update can be downloaded from:

79f000a19d216fc95f1bd0f24bd1bf41  SRPMS/openswan-2.4.4-0.FC3.1.src.rpm
6fe24a0ab188b4b0e45d610bfda9b554  x86_64/openswan-2.4.4-0.FC3.1.x86_64.rpm
c1c42f6af380064673bfa648c37349ee  x86_64/openswan-doc-2.4.4-0.FC3.1.x86_64.rpm
1dc85100f037b3b18db1a6f0069cad1e  i386/openswan-2.4.4-0.FC3.1.i386.rpm
93e5a2376e1373ee40b8ad7960f89dc2  i386/openswan-doc-2.4.4-0.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

More information about the fedora-announce-list mailing list