Skip to content

CentOS 7 - Updates for x86_64: system environment/daemons: libreswan

libreswan - IPsec implementation with IKEv1 and IKEv2 keying protocols

Website: https://libreswan.org/
License: GPLv2
Vendor: CentOS
Description:
Libreswan is a free implementation of IPsec & IKE for Linux.  IPsec is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services.  These services allow you
to build secure tunnels through untrusted networks.  Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel.  The resulting
tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
Libreswan. It supports the NETKEY/XFRM IPsec kernel stack that exists
in the default Linux kernel.

Libreswan also supports IKEv2 (RFC-7296) and Secure Labeling

Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04

Packages

libreswan-3.25-9.1.el7_8.x86_64 [1.4 MiB] Changelog by Paul Wouters (2020-06-16):
- Resolves: rhbz#1844621 Backport FIPS keysize fixes from RHEL8
libreswan-3.25-8.1.el7_7.x86_64 [1.4 MiB] Changelog by Paul Wouters (2019-08-28):
- Resolves: rhbz#1746052 libreswan: XFRM policy for OE/32 peer is deleted when shunts for previous half-open state expire [rhel-7.7.z]
libreswan-3.25-4.8.el7_6.x86_64 [1.4 MiB] Changelog by Paul Wouters (2019-05-09):
- Resolves: rhbz#1708060 IKEv1 traffic interruption when responder deletes SAs 60 seconds before EVENT_SA_REPLACE [rhel-7.6.z]
libreswan-3.25-4.1.el7_6.x86_64 [1.4 MiB] Changelog by Paul Wouters (2019-01-11):
- Resolves: rhbz#1665369 libreswan 3.25 in FIPS mode is incorrectly rejecting X.509 public keys that are >= 3072 bits [rhel-7.6.z]
libreswan-3.25-2.el7.x86_64 [1.4 MiB] Changelog by Paul Wouters (2018-07-02):
- Resolves: rhbz#1597322 Relax deleting IKE SA's and IPsec SA's to avoid interop issues with third party VPN vendors
libreswan-3.23-5.el7_5.x86_64 [1.3 MiB] Changelog by Paul Wouters (2018-05-25):
- Resolves: rhbz#1573949 ipsec newhostkey fails in FIPS mode [spec file only update]
libreswan-3.23-3.el7.x86_64 [1.3 MiB] Changelog by Paul Wouters (2018-02-07):
- Resolves: rhbz#1471553 libreswan postquantum preshared key (PPK) support [IANA update]
libreswan-3.20-5.el7_4.x86_64 [1.3 MiB] Changelog by Paul Wouters (2017-10-24):
- Resolves: rhbz#1503949 [updated - USE_DNSSEC setting was updated]
libreswan-3.20-3.el7.x86_64 [1.3 MiB] Changelog by Paul Wouters (2017-06-12):
- Resolves: rhbz#1372279 ipsec auto --down CONNECTION returns error for tunnels [updated]
- Resolves: rhbz#1458227 CAVS test driver does not work in FIPS mode
- Resolves: rhbz#1452672 (new-ksk-libreswan-el7) DNSSEC trust anchor cannot be updated without recompilation
libreswan-3.15-8.el7.x86_64 [1.2 MiB] Changelog by Paul Wouters (2016-09-07):
- Resolves: rhbz#1361721 libreswan pluto segfault [UPDATED]
- Resolves: rhbz#1276524 [USGv6] IKEv2.EN.R.1.1.3.2 case failed due to response to bad INFORMATIONAL request [UPDATED]
- Resolves: rhbz#1309764 ipsec barf [additional man page update and --no-pager]
libreswan-3.15-5.el7_1.x86_64 [1.2 MiB] Changelog by Paul Wouters (2015-10-21):
- Resolves: rhbz#1273719 libreswan FIPS test mistakenly looks for non-existent file hashes
libreswan-3.12-10.1.el7_1.x86_64 [1.2 MiB] Changelog by Paul Wouters (2015-05-29):
- Resolves: rhbz#1226407 CVE-2015-3204 libreswan: crafted IKE packet causes daemon restart

Listing created by repoview