version bump to 5.0.4

diff --git a/NEWS b/NEWS
index b95698d910cb6cded40d99170d228d5a5ec6eca2..c377a82d04dcbb21918c779865033d1df40f449c 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,23 @@
+strongswan-5.0.4
+----------------
+
+- Fixed a security vulnerability in the openssl plugin which was reported by
+  Kevin Wojtysiak. The vulnerability has been registered as CVE-2013-2944.
+  Before the fix, if the openssl plugin's ECDSA signature verification was used,
+  due to a misinterpretation of the error code returned by the OpenSSL
+  ECDSA_verify() function, an empty or zeroed signature was accepted as a
+  legitimate one.
+
+- The handling of a couple of other non-security relevant openssl return codes
+  was fixed as well.
+
+- The tnc_ifmap plugin now publishes virtual IPv4 and IPv6 addresses via its
+  TCG TNC IF-MAP 2.1 interface.
+
+- The charon.initiator_only option causes charon to ignore IKE initiation
+  requests.
+
+
 strongswan-5.0.3
 ----------------
 

diff --git a/configure.in b/configure.in
index bf827156101278ee83c78847af444b9e976e660e..32abb70e928ddf198055dbca09bd6a24358b4708 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -19,7 +19,7 @@
 #  initialize & set some vars
 # ============================
 
-AC_INIT([strongSwan],[5.0.4dr1])
+AC_INIT([strongSwan],[5.0.4])
 AM_INIT_AUTOMAKE(tar-ustar)
 AC_CONFIG_MACRO_DIR([m4/config])
 AC_CONFIG_HEADERS([config.h])