webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-23 17:32:57 +02:00
Code Issues Packages Projects Releases Wiki Activity
9,600 Commits 2 Branches 1 Tag
28bee14eccbc3e2cada73cbbe84634e070c8c8bc
Commit Graph

65 Commits

Author SHA1 Message Date
Michael Tremer
8235f17df5 strongswan: Update to 5.3.3 
ChaCha is disabled since our kernel does not support it yet

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-10-03 19:17:01 +01:00
Michael Tremer
c3e1954331 strongswan: Update to 5.3.2 
This release fixes a security issue filed under CVE-2015-4171.

https://www.strongswan.org/blog/2015/06/08/strongswan-vulnerability-(cve-2015-4171).html

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
 2015-06-12 17:15:51 +02:00
Michael Tremer
41ed4795fe strongswan: Update to 5.3.1 
Fixed a denial-of-service and potential remote code execution vulnerability
triggered by IKEv1/IKEv2 messages that contain payloads for the respective
other IKE version. Such payload are treated specially since 5.2.2 but because
they were still identified by their original payload type they were used as
such in some places causing invalid function pointer dereferences.
The vulnerability has been registered as CVE-2015-3991.

https://www.strongswan.org/blog/2015/06/01/strongswan-vulnerability-%28cve-2015-3991%29.html

The increased buffer size has been fixed in bug #943 upstream
  https://wiki.strongswan.org/issues/943
 2015-06-04 19:26:44 +02:00
Michael Tremer
ffe32bf7ae strongswan: Increase stroke buffer size to 8k 2015-04-27 20:58:45 +02:00
Michael Tremer
df5fbff531 strongswan: Update to 5.3.0 
Enable support for CCM and CTR
 2015-03-31 00:59:28 +02:00
Michael Tremer
dfea4f86c2 strongswan: Allow using AES-GCM in various configurations 2015-03-11 18:13:25 +01:00
Michael Tremer
8d289021d3 strongswan: Update solution for strongswan bug #816 2015-03-04 23:54:10 +01:00
Michael Tremer
dea158f2fc strongswan: Create configuration for better interoperability 
Also import some upstream fixes for connection stability.
 2015-02-11 15:15:47 +01:00
Michael Tremer
0cf8de0502 Revert "strongswan: Fix for CVE-2014-9221" 
This reverts commit c1000c2cd4.

This commit has been merged from master to this branch, but
actually strongswan was already updated to version 5.2.2 which
does not need this fix any more.
 2015-02-11 14:59:11 +01:00
Michael Tremer
de0ccf8f8c Merge branch 'master' into next 
Conflicts:
	make.sh
 2015-02-04 13:24:05 +01:00
Michael Tremer
e62b6718b9 strongswan: Update to 5.2.2 2015-01-12 13:04:47 +01:00
Michael Tremer
c1000c2cd4 strongswan: Fix for CVE-2014-9221 2015-01-12 13:03:16 +01:00
Michael Tremer
bb882aa1f9 strongswan: Update to 5.2.1 2014-10-26 21:00:08 +01:00
Michael Tremer
ec4e8d3fec strongswan: Update to version 5.2.0. 2014-07-09 22:15:43 +02:00
Michael Tremer
c007921b21 strongswan: Don't ship unity plugin any more. 
Fixes #10569
 2014-07-08 19:27:44 +02:00
Michael Tremer
8bc689164e strongswan: Update to 5.2.0rc1. 2014-07-05 20:08:28 +02:00
Michael Tremer
567fadff6a strongswan: Update to 5.2.0dr6. 2014-06-19 14:39:21 +02:00
Michael Tremer
d1b0815ff7 strongswan: Enable XAUTH noauth plugin. 
See #10468.
 2014-04-22 17:46:32 +02:00
Michael Tremer
fab1f85783 strongswan: Update to 5.1.3. 
Fixes CVE-2014-2338.
 2014-04-15 21:16:14 +02:00
Michael Tremer
fb5132aa57 strongswan: Update to 5.1.2. 
http://www.strongswan.org/blog/2014/03/03/strongswan-5.1.2-released.html
 2014-03-03 12:27:09 +01:00
Michael Tremer
bc05155ac0 strongswan: Update to 5.1.2rc1. 2014-02-18 15:16:08 +01:00
Michael Tremer
e360e50ac4 strongswan: Update to 5.1.2dr3. 2014-02-07 14:49:03 +01:00
Michael Tremer
0dff6b5b85 strongswan: Enable dhcp and farp plugin (#10467). 2014-01-29 15:01:57 +01:00
Arne Fitzenreiter
30f68903d3 Merge remote-tracking branch 'origin/next' into fifteen 2013-12-21 10:05:39 +01:00
Michael Tremer
cfb00625b8 strongswan: Disable rdrand plugin. 
Disabled because of security concerns.
 2013-12-12 21:15:24 +01:00
Arne Fitzenreiter
d0d3fe9d26 Merge remote-tracking branch 'origin/next' into fifteen 
Conflicts:
	lfs/samba
	lfs/strongswan
 2013-11-13 14:05:15 +01:00
Michael Tremer
c648458609 strongswan: Delay sending DPD packets after rekeying. 2013-11-13 00:25:27 +01:00
Michael Tremer
ec985733a5 strongswan: Update to 5.1.1. 2013-11-07 20:56:43 +01:00
Michael Tremer
6fb9681c24 strongswan: Update to 5.1.1rc1. 2013-10-28 21:00:03 +01:00
Michael Tremer
47a83092b5 Merge branch 'next' into fifteen 2013-10-27 13:12:12 +01:00
Michael Tremer
78e35c82dc strongswan: Update to 5.1.1dr4. 2013-10-22 15:01:24 +02:00
Alexander Marx
dc33c23b1f Forward Firewall: Updated strongswan patch provided my Michael. (Changes _updown script from FORWARD ACCEPT to RETURN) 2013-08-09 14:11:52 +02:00
Alexander Marx
dafaa41427 Forward Firewall: update _updown on build 2013-08-09 14:11:07 +02:00
Michael Tremer
7f532e3725 strongswan: Update to 5.1.0. 2013-08-01 19:38:50 +02:00
Michael Tremer
6b0a04c0f8 strongswan: Update to 5.1.0rc1. 2013-07-20 17:36:53 +02:00
Michael Tremer
5e9b7dd2c3 Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into strongswan-next 2013-07-16 22:00:14 +02:00
Michael Tremer
15be554282 strongswan: Enable EAP authentication algorithms. 2013-07-16 20:54:28 +02:00
Michael Tremer
82efdd4f22 strongswan: Update to 5.1.0dr2. 2013-07-14 12:58:38 +02:00
Michael Tremer
3f7ae7b715 strongswan: Update to 5.1.0dr1. 2013-07-04 12:41:25 +02:00
Michael Tremer
f898e6ac5d strongswan: Update to 5.0.4. 
http://www.strongswan.org/blog/2013/04/30/strongswan-5.0.4-released-%28cve-2013-2944%29.html
 2013-04-30 14:19:28 +02:00
Michael Tremer
35275bcd26 strongswan: Update to 5.0.3. 2013-04-05 11:19:54 +02:00
Michael Tremer
a3b3340bcc strongswan: Update to 5.0.3rc1. 2013-03-28 17:09:35 +01:00
Arne Fitzenreiter
38288aeed1 qos: fix replacement of fq_codel with htb at qos start. 2013-02-02 09:47:58 +01:00
Michael Tremer
404c8e462b strongswan: Enable eap-radius plugin. 
It has been requested by a couple of users to enable
this plugin.

http://forum.ipfire.org/index.php?topic=3333.0
http://wiki.strongswan.org/projects/strongswan/wiki/EapRadius
 2012-12-10 17:15:48 +01:00
Michael Tremer
b8e25fcdcd strongswan: Update to 5.0.1. 2012-10-09 00:29:38 +02:00
Michael Tremer
3090c39efd strongswan: Update to 5.0.0. 
This update removes pluto which is replaced by charon.
 2012-07-04 15:53:19 +02:00
Arne Fitzenreiter
6105282deb strongswan: security update to 4.6.4 (fix CVE-2012-2388). 
RSA signature verification vulnerability
see http://http://www.strongswan.org/blog/2012/05/31/strongswan-4.6.4-released-%28cve-2012-2388%29.html for details.
 2012-06-01 12:47:07 +02:00
Arne Fitzenreiter
d66d6f8827 strongswan: update to 4.6.3. 2012-05-12 19:31:46 +02:00
Arne Fitzenreiter
5d934a73dc strongswan: update to 4.6.2. 
fixes #10037
 2012-04-07 11:31:34 +02:00
Michael Tremer
a73f60abb8 strongswan: Customize the welcome banner. 
References:
 http://forum.ipfire.org/index.php/topic,5993.0.html
 http://forum.ipfire.org/index.php/topic,3329.0.html
 2012-02-10 11:01:42 +01:00