From: Andreas Steffen Date: Sun, 14 Apr 2013 17:58:17 +0000 (+0200) Subject: version bump to 5.0.4 X-Git-Tag: 5.0.4~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2e12fc4b0aee9434eaf5e42ddc57577df4fe4cb2;p=thirdparty%2Fstrongswan.git version bump to 5.0.4 --- diff --git a/NEWS b/NEWS index b95698d910..c377a82d04 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,23 @@ +strongswan-5.0.4 +---------------- + +- Fixed a security vulnerability in the openssl plugin which was reported by + Kevin Wojtysiak. The vulnerability has been registered as CVE-2013-2944. + Before the fix, if the openssl plugin's ECDSA signature verification was used, + due to a misinterpretation of the error code returned by the OpenSSL + ECDSA_verify() function, an empty or zeroed signature was accepted as a + legitimate one. + +- The handling of a couple of other non-security relevant openssl return codes + was fixed as well. + +- The tnc_ifmap plugin now publishes virtual IPv4 and IPv6 addresses via its + TCG TNC IF-MAP 2.1 interface. + +- The charon.initiator_only option causes charon to ignore IKE initiation + requests. + + strongswan-5.0.3 ---------------- diff --git a/configure.in b/configure.in index bf82715610..32abb70e92 100644 --- a/configure.in +++ b/configure.in @@ -19,7 +19,7 @@ # initialize & set some vars # ============================ -AC_INIT([strongSwan],[5.0.4dr1]) +AC_INIT([strongSwan],[5.0.4]) AM_INIT_AUTOMAKE(tar-ustar) AC_CONFIG_MACRO_DIR([m4/config]) AC_CONFIG_HEADERS([config.h])