Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

ipsec-tools-0.8.2-5.35 RPM for s390x

From OpenSuSE Leap 15.3 for s390x

Name: ipsec-tools Distribution: SUSE Linux Enterprise 15
Version: 0.8.2 Vendor: SUSE LLC <>
Release: 5.35 Build date: Sat May 26 03:34:42 2018
Group: Productivity/Networking/Security Build host: s390lpd
Size: 1118341 Source RPM: ipsec-tools-0.8.2-5.35.src.rpm
Summary: IPsec Utilities
This is the IPsec-Tools package.  This package is needed to really make
use of the IPsec functionality in the version 2.5 and 2.6 Linux
kernels.  This package builds:
  - libipsec, a PFKeyV2 library
  - setkey, a program to directly manipulate policies and SAs
  - racoon, an IKEv1 keying daemon
These sources can be found at the IPsec-Tools home page at:






* Fri Jan 26 2018
  - avoid-dos-with-fragment-out-of-order.patch (bsc#1047443,
* Wed Nov 29 2017
  - ipsec-tools-openssl1.1.patch: build against openssl 1.1 (bsc#1066950)
* Thu Nov 23 2017
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Sat Sep 02 2017
  - add reminder for racoon-setkey.service to setkey.conf
* Wed Aug 05 2015
  - do not run %fdupes over the whole tree, to avoid symlinking
    /etc/ config files and /usr/ sample configs.
* Wed Jun 10 2015
  - rework racoon.psk.patch
    * comment example entry (its not a backdoor just an example)
* Thu Jun 04 2015
  - Cleanup most of the rpmlint warnings to have it in better shape
* Thu Apr 23 2015
  - racoon-fips-rsa.patch: Use a default exponent of at least 65537
    (minimum FIPS required public exponent)
  - racoon-no-md5.patch: replace one md5 usage by sha1 in an internal
    hash table. Allow md5 usage for an external visible interface,
    as it is also hashing only.
* Thu Jan 22 2015
  - Update to version 0.8.2
    * Fix admin port establish-sa for tunnel mode SAs
    * Fix source port selection regression from version 0.8.1
    * Various logging improvements
    * Additional compliance and build fixes
  - Changes from version 0.8.1
    * Improved X.509 subject name comparation
    * Relax DPD cookie check for Cisco IOS compatibility
    * Allow simplified syntax for inherited remote blocks
    * Never shring pfkey socket buffer
    * Privilege separation child process exit fix
    * Multiple memory allocation and use-after-free fixes
  - Remove some obsolete macros
* Tue Jul 08 2014
  - ipsec-tools-0.8.0-certasn1txtbroken.patch:
    disable the certificate test in src/racoon/eaytest.c as the
    internal X.509 ASN.1 string presentation was changed in openssl
    and the test currently does not work.
* Thu Mar 13 2014
  - add RemainAfterExit=yes to the .service file (bnc#856625)
* Fri Jan 10 2014
  - upgrade to version 0.8.0:
    o Fix authentication method ambiguity with kerberos and xauth
    o RFC2253 compliant escaping of asn1dn identifiers (Cyrus Rahman)
    o Local address code rewrite to speed things up
    o Improved MIPv6 support (Arnaud Ebalard)
    o ISAKMP SA (phase1) rekeying
    o Improved scheduler (faster algorithm, support monotonic clock)
    o Handle RESPONDER-LIFETIME in quick mode
    o Handle INITIAL-CONTACT in from main mode too
    o Rewritten event handling framework for admin port
    o Ability to initiate IPsec SA through admin port
    o NAT-T Original Address handling (transport mode NAT-T support)
    o clean NAT-T - PFkey support
    o support for multiple anonymous remoteconfs
    o Remove various obsolete configuration options
    o A lot of other bug fixes, performance improvements and clean ups
  - Remove ipsec-tools-linux-3.7-compat.diff which caused bnc#867055
    by including wrong headers; fix by installing
    linux-glibc-devel and including /usr/include for kernel headers
* Thu Sep 19 2013
  - remove unused racoon.init from the package, it was
    already removed from the spec file in the previous change.
* Thu Sep 19 2013
  - Add systemd support, systemctl enable racoon.service
    also enables helper optional service racoon-setkey
  - /etc/sysconfig/racoon was never created, fix that.
* Thu Jan 31 2013
  - Add ipsec-tools-linux-3.7-compat.diff(partly from openwrt)
    * since pfkeyv2.h moved to include/uapi/linux as explained, make the compiler found
      header in valid path. there is a discussion about this issue at
* Wed Oct 31 2012
  - unify the permissions of psk.txt to avoid false duplicate warnings
    from fdupes (bnc#784670)
* Tue Jan 31 2012
  - remove suse_update_config macro usage
* Sat Oct 15 2011
  - add libtool as buildrequire to make the spec file more reliable
* Sun Sep 04 2011
  - create /var/run/racoon in the init script rather than including
    it in the package as it doesn't work if /var/run is on tmpfs
* Sun May 15 2011
  - remove Author from description
  - add racoon.psk patch
* Wed May 04 2011
  - Add ipsec-tools-0.7.3-linkerflag.patch: remove wrong linker flag
  - Add ipsec-tools-0.7.2-nodevel.patch: don't install development
    files, instead of manually removing them in the spec file.
  - Drop no_werror.patch: Remove Werror flag by sed, its all over the
    configure file, old patch was incomplete anyway.
* Tue Nov 03 2009
  - updated patches to apply with fuzz=0
* Tue Oct 06 2009
  - cleanup spec
    o sorted sections
    o simplify clean
    o sort install section
    o sort files section
  - added missing /etc/racoon/cert DIR
* Fri Sep 18 2009
  - cleanup spec
    o sorted TAGS
    o added configure macro
  - rpmlint
    o added fdupes
  - fix selinux build
    o if suse_version >= 1100
* Thu Jun 11 2009
  - upgrade to 0.7.3
  - integrated security patch
  - enabled selinux support (--enable-security-context=yes)
* Thu Jun 11 2009
  - fix_sockaddr_overflow_in_ipsec_doi.c.diff (bnc#506710)
* Wed May 06 2009
  - Upgrade to 0.7.2
  - fixed some rpmlint warnings/errors
  - racoon.conf_macros.patch updates the .in file, not the result
  - added /etc/pam.d/racoon
  - added --with-libldap



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue May 9 16:21:33 2023