Issue on ipsec-tools-0.2.5-1.i386.rpm in FC2
Nalin Dahyabhai
nalin at redhat.com
Mon Nov 1 20:29:39 UTC 2004
On Sat, Oct 30, 2004 at 06:15:34AM -0700, Park Lee wrote:
> Now I'm using ipsec-tools-0.2.5-1.i386.rpm in my Fedora Core 2 ( with kernel 2.6.5 ).
> Today, I saw in IPsec Tools Homepage (http://ipsec-tools.sourceforge.net/), there is a statement which says:
>
> >IMPORTANT: Users of IPsec-tools are strongly recommended to
> >upgrade to a version released on or after 2004-04-05. Older versions
> >contain a security problem that bites connections authorized with
> >X.509 certificates
>
> Then, Does the ipsec-tools-0.2.5-1.i386.rpm in FC2 also has such a security problem? (i.e. has some security fixs been added into the ipsec-tools-0.2.5-1.i386.rpm, and can we use the rpm package with no such a danger? )
The 0.2.5-1 package does have this problem. The 0.2.5-2 package was
released as an update to incorporate a fix, and 0.2.5-4 some time after
that to correct a different problem.
I strongly suggest that you subscribe to the fedora-announce-list
mailing list [1], so that you'll receive notifications of future
updates, and use either up2date or yum to install updates which have
been released which you may have not installed.
HTH,
Nalin
[1] http://www.redhat.com/mailman/listinfo/fedora-announce-list
More information about the fedora-list
mailing list