Version 4.3.3 » History » Version 1
Tobias Brunner, 01.09.2009 14:28
Changes for Version 4.3.3
| 1 | 1 | Tobias Brunner | h1. Version 4.3.3 |
|---|---|---|---|
| 2 | 1 | Tobias Brunner | |
| 3 | 1 | Tobias Brunner | * The configuration option --enable-integrity-test plus the strongswan.conf |
| 4 | 1 | Tobias Brunner | option libstrongswan.integrity_test = yes activate integrity tests |
| 5 | 1 | Tobias Brunner | of the IKE daemons charon and pluto, libstrongswan and all loaded |
| 6 | 1 | Tobias Brunner | plugins. Thus dynamic library misconfigurations and non-malicious file |
| 7 | 1 | Tobias Brunner | manipulations can be reliably detected. |
| 8 | 1 | Tobias Brunner | |
| 9 | 1 | Tobias Brunner | * The new default setting libstrongswan.ecp_x_coordinate_only=yes allows |
| 10 | 1 | Tobias Brunner | IKEv1 interoperability with MS Windows using the ECP DH groups 19 and 20. |
| 11 | 1 | Tobias Brunner | |
| 12 | 1 | Tobias Brunner | * The IKEv1 pluto daemon now supports the AES-CCM and AES-GCM ESP |
| 13 | 1 | Tobias Brunner | authenticated encryption algorithms. |
| 14 | 1 | Tobias Brunner | |
| 15 | 1 | Tobias Brunner | * The IKEv1 pluto daemon now supports V4 OpenPGP keys. |
| 16 | 1 | Tobias Brunner | |
| 17 | 1 | Tobias Brunner | * The RDN parser vulnerability discovered by Orange Labs research team |
| 18 | 1 | Tobias Brunner | was not completely fixed in version 4.3.2. Some more modifications |
| 19 | 1 | Tobias Brunner | had to be applied to the asn1_length() function to make it robust. |