libreswan-4.15-5.el10 RPM for x86_64

From CentOS Stream 10 AppStream for x86_64

Libreswan is a free implementation of IPsec & IKE for Linux.  IPsec is
the Internet Protocol Security and uses strong cryptography to provide
both authentication and encryption services.  These services allow you
to build secure tunnels through untrusted networks.  Everything passing
through the untrusted net is encrypted by the ipsec gateway machine and
decrypted by the gateway at the other end of the tunnel.  The resulting
tunnel is a virtual private network or VPN.

This package contains the daemons and userland tools for setting up
Libreswan.

Libreswan also supports IKEv2 (RFC7296) and Secure Labeling

Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04

Provides

• libreswan
• config(libreswan)
• libreswan(x86-64)

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /usr/bin/sh
• bash
• config(libreswan) = 4.15-5.el10
• coreutils
• iproute >= 2.6.8
• libaudit.so.1()(64bit)
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.27)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.2)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libc.so.6(GLIBC_ABI_DT_RELR)(64bit)
• libcap-ng.so.0()(64bit)
• libcrypt.so.2()(64bit)
• libcrypt.so.2(XCRYPT_2.0)(64bit)
• libcurl.so.4()(64bit)
• libevent_core-2.1.so.7()(64bit)
• libevent_pthreads-2.1.so.7()(64bit)
• libgcc_s.so.1()(64bit)
• libgcc_s.so.1(GCC_3.0)(64bit)
• libgcc_s.so.1(GCC_3.3.1)(64bit)
• liblber.so.2()(64bit)
• liblber.so.2(OPENLDAP_2.200)(64bit)
• libldap.so.2()(64bit)
• libldap.so.2(OPENLDAP_2.200)(64bit)
• libldns.so.3()(64bit)
• libnspr4.so()(64bit)
• libnss3.so()(64bit)
• libnss3.so(NSS_3.10)(64bit)
• libnss3.so(NSS_3.11)(64bit)
• libnss3.so(NSS_3.11.2)(64bit)
• libnss3.so(NSS_3.11.7)(64bit)
• libnss3.so(NSS_3.12)(64bit)
• libnss3.so(NSS_3.12.3)(64bit)
• libnss3.so(NSS_3.15)(64bit)
• libnss3.so(NSS_3.15.4)(64bit)
• libnss3.so(NSS_3.18)(64bit)
• libnss3.so(NSS_3.2)(64bit)
• libnss3.so(NSS_3.22)(64bit)
• libnss3.so(NSS_3.3)(64bit)
• libnss3.so(NSS_3.30)(64bit)
• libnss3.so(NSS_3.4)(64bit)
• libnss3.so(NSS_3.5)(64bit)
• libnss3.so(NSS_3.6)(64bit)
• libnss3.so(NSS_3.7)(64bit)
• libnss3.so(NSS_3.8)(64bit)
• libnss3.so(NSS_3.9)(64bit)
• libnss3.so(NSS_3.9.2)(64bit)
• libnssutil3.so()(64bit)
• libnssutil3.so(NSSUTIL_3.38)(64bit)
• libpam.so.0()(64bit)
• libpam.so.0(LIBPAM_1.0)(64bit)
• libseccomp.so.2()(64bit)
• libselinux.so.1()(64bit)
• libselinux.so.1(LIBSELINUX_1.0)(64bit)
• libsmime3.so()(64bit)
• libsmime3.so(NSS_3.2)(64bit)
• libsmime3.so(NSS_3.3)(64bit)
• libsmime3.so(NSS_3.4)(64bit)
• libsmime3.so(NSS_3.9.3)(64bit)
• libssl3.so()(64bit)
• libssl3.so(NSS_3.14)(64bit)
• libssl3.so(NSS_3.2)(64bit)
• libssl3.so(NSS_3.24)(64bit)
• libunbound.so.8()(64bit)
• logrotate
• nss >= 3.52
• nss-softokn
• nss-tools
• procps-ng
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)
• systemd
• systemd
• systemd
• unbound-libs >= 1.6.6

License

GPL-2.0-or-later AND MPL-2.0

Changelog

* Tue Aug 06 2024 Daiki Ueno <dueno@redhat.com> - 4.15-5
  - Make use of Netlink extack for additional error reporting
* Tue Aug 06 2024 Daiki Ueno <dueno@redhat.com> - 4.15-4
  - Fix auto=ondemand connection initialization with TCP
* Tue Aug 06 2024 Daiki Ueno <dueno@redhat.com> - 4.15-3
  - Re-introduce libreswan-4.6-ikev1-policy-defaults-to-drop.patch
* Thu Jun 27 2024 Paul Wouters <paul.wouters@aiven.io> - 4.15-2
  - Add libreswan-4.15-ipsec_import.patch
* Thu Jun 27 2024 Paul Wouters <paul.wouters@aiven.io> - 4.15-1
  - Update libreswan to 4.15 for CVE-2024-3652
  - Resolves rhbz#2274448 CVE-2024-3652 libreswan: IKEv1 default AH/ESP
    responder can crash and restart
  - Allow "ipsec import" to try importing PKCS#12 non-interactively if there
    is no password
* Thu Jun 27 2024 Paul Wouters <paul.wouters@aiven.io> - 4.14-1
  - Update to 4.14 for CVE-2024-2357
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 4.12-3.3
  - Bump release for June 2024 mass rebuild
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.12-3.2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.12-3.1
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Sep 08 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-3
  - Update libcap-ng patch, fix email addresses in changelog
* Tue Sep 05 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-2
  - Remove ipsec show and ipsec verify sub commands (not very useful, causes python requirement)
  - Patch for handling libcap-ng return values and fix capng_apply() call
* Fri Aug 11 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-1
  - Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712
  - Resolves: rhbz#2230225 libreswan-4.12 is available
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.11-1.1
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu May 04 2023 Paul Wouters <paul.wouters@aiven.io> - 4.11-1
  - Update to 4.11 for CVE-2023-30570
* Wed Mar 01 2023 Paul Wouters <paul.wouters@aiven.io> - 4.10-1
  - Update to 4.10 for CVE-2023-23009
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.9-2.1
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Jan 10 2023 Paul Wouters <paul.wouters@aiven.io> - 4.9-2
  - Use new GPG key location.
* Thu Oct 13 2022 Paul Wouters <paul.wouters@aiven.io> - 4.9-1
  - Update to 4.9 (maxbytes/maxpackets support, raw ECDSA support, misc fixes)

Files

/etc/ipsec.conf
/etc/ipsec.d
/etc/ipsec.d/policies
/etc/ipsec.d/policies/block
/etc/ipsec.d/policies/clear
/etc/ipsec.d/policies/clear-or-private
/etc/ipsec.d/policies/portexcludes.conf
/etc/ipsec.d/policies/private
/etc/ipsec.d/policies/private-or-clear
/etc/ipsec.secrets
/etc/logrotate.d/libreswan
/etc/pam.d/pluto
/run/pluto
/usr/lib/.build-id
/usr/lib/.build-id/15
/usr/lib/.build-id/15/aee97184316b9cbe59a9d72ab2c15d152de8e1
/usr/lib/.build-id/55
/usr/lib/.build-id/55/416f83a5907735fd7036756ba0d9dc0b377f1b
/usr/lib/.build-id/5a
/usr/lib/.build-id/5a/ee7e8c77588bd47df6c6fcb9f142c7b505022f
/usr/lib/.build-id/62
/usr/lib/.build-id/62/0d571663bbd304527210a33d3b8a7b04af8373
/usr/lib/.build-id/71
/usr/lib/.build-id/71/f459830d39a599ec859c57c668aef1ae3a1c29
/usr/lib/.build-id/8c
/usr/lib/.build-id/8c/46a88c44f6d7eecf2131939b49426c755d1ebf
/usr/lib/.build-id/93
/usr/lib/.build-id/93/588a1c03a89f2dbf551d90a2fe304b77ef52e6
/usr/lib/.build-id/a1
/usr/lib/.build-id/a1/9daaf8d3f221dbaff44fa082afa7e3c7ebaec2
/usr/lib/.build-id/a8
/usr/lib/.build-id/a8/7ac6293abd6944c11ffd0653461a5c012b7134
/usr/lib/.build-id/b5
/usr/lib/.build-id/b5/80682554724696f3f4ef1ce13078299d3e40af
/usr/lib/.build-id/e1
/usr/lib/.build-id/e1/608c36e75de8d5f7fbd0327a63b5698f68b8ef
/usr/lib/.build-id/ef
/usr/lib/.build-id/ef/e0e1ae018595d52958df656c85684d032620b4
/usr/lib/sysctl.d/50-libreswan.conf
/usr/lib/systemd/system/ipsec.service
/usr/lib/tmpfiles.d/libreswan.conf
/usr/libexec/ipsec
/usr/libexec/ipsec/_import_crl
/usr/libexec/ipsec/_plutorun
/usr/libexec/ipsec/_secretcensor
/usr/libexec/ipsec/_stackmanager
/usr/libexec/ipsec/_unbound-hook
/usr/libexec/ipsec/_updown
/usr/libexec/ipsec/_updown.xfrm
/usr/libexec/ipsec/addconn
/usr/libexec/ipsec/algparse
/usr/libexec/ipsec/auto
/usr/libexec/ipsec/barf
/usr/libexec/ipsec/cavp
/usr/libexec/ipsec/ecdsasigkey
/usr/libexec/ipsec/getpeercon_server
/usr/libexec/ipsec/letsencrypt
/usr/libexec/ipsec/look
/usr/libexec/ipsec/newhostkey
/usr/libexec/ipsec/pluto
/usr/libexec/ipsec/readwriteconf
/usr/libexec/ipsec/rsasigkey
/usr/libexec/ipsec/setup
/usr/libexec/ipsec/showhostkey
/usr/libexec/ipsec/showroute
/usr/libexec/ipsec/whack
/usr/sbin/ipsec
/usr/share/doc/libreswan
/usr/share/doc/libreswan/CHANGES
/usr/share/doc/libreswan/CHANGES.freeswan.pluto
/usr/share/doc/libreswan/CHANGES.openswan
/usr/share/doc/libreswan/COPYING
/usr/share/doc/libreswan/CREDITS
/usr/share/doc/libreswan/CREDITS.freeswan
/usr/share/doc/libreswan/CREDITS.openswan
/usr/share/doc/libreswan/LICENSE
/usr/share/doc/libreswan/PlutoFlow.png
/usr/share/doc/libreswan/PlutoFlow.svg
/usr/share/doc/libreswan/ProgrammingConventions.txt
/usr/share/doc/libreswan/README.IANA-PEN
/usr/share/doc/libreswan/README.XAUTH
/usr/share/doc/libreswan/README.labeledipsec
/usr/share/doc/libreswan/README.md
/usr/share/doc/libreswan/README.nss
/usr/share/doc/libreswan/README.rfcs
/usr/share/doc/libreswan/README.x509
/usr/share/doc/libreswan/examples
/usr/share/doc/libreswan/examples/hub-spoke.conf
/usr/share/doc/libreswan/examples/ipv6.conf
/usr/share/doc/libreswan/examples/l2tp-cert.conf
/usr/share/doc/libreswan/examples/l2tp-psk.conf
/usr/share/doc/libreswan/examples/linux-linux.conf
/usr/share/doc/libreswan/examples/oe-authnull.conf
/usr/share/doc/libreswan/examples/oe-dnssec-client.conf
/usr/share/doc/libreswan/examples/oe-dnssec-server.conf
/usr/share/doc/libreswan/examples/oe-exclude-dns.conf
/usr/share/doc/libreswan/examples/oe-letsencrypt-README.txt
/usr/share/doc/libreswan/examples/oe-letsencrypt-client.conf
/usr/share/doc/libreswan/examples/oe-letsencrypt-server.conf
/usr/share/doc/libreswan/examples/oe-upgrade-authnull.conf
/usr/share/doc/libreswan/examples/sysctl.conf
/usr/share/doc/libreswan/examples/xauth.conf
/usr/share/doc/libreswan/l2tp-overhead.txt
/usr/share/doc/libreswan/nss-howto.txt
/usr/share/doc/libreswan/opportunistic-v1.historic
/usr/share/doc/libreswan/opportunistic-v1.historic/opportunism-spec.txt
/usr/share/doc/libreswan/opportunistic-v1.historic/opportunism.nr
/usr/share/doc/libreswan/pluto-internals.txt
/usr/share/doc/libreswan/win2k-notes.txt
/usr/share/doc/libreswan/windows-cross-compile.txt
/usr/share/man/man5/ipsec.conf.5.gz
/usr/share/man/man5/ipsec.secrets.5.gz
/usr/share/man/man8/ipsec.8.gz
/usr/share/man/man8/ipsec__import_crl.8.gz
/usr/share/man/man8/ipsec__plutorun.8.gz
/usr/share/man/man8/ipsec__secretcensor.8.gz
/usr/share/man/man8/ipsec__stackmanager.8.gz
/usr/share/man/man8/ipsec__unbound-hook.8.gz
/usr/share/man/man8/ipsec__updown.8.gz
/usr/share/man/man8/ipsec__updown.xfrm.8.gz
/usr/share/man/man8/ipsec_addconn.8.gz
/usr/share/man/man8/ipsec_auto.8.gz
/usr/share/man/man8/ipsec_barf.8.gz
/usr/share/man/man8/ipsec_checknss.8.gz
/usr/share/man/man8/ipsec_ecdsasigkey.8.gz
/usr/share/man/man8/ipsec_import.8.gz
/usr/share/man/man8/ipsec_initnss.8.gz
/usr/share/man/man8/ipsec_letsencrypt.8.gz
/usr/share/man/man8/ipsec_look.8.gz
/usr/share/man/man8/ipsec_newhostkey.8.gz
/usr/share/man/man8/ipsec_pluto.8.gz
/usr/share/man/man8/ipsec_readwriteconf.8.gz
/usr/share/man/man8/ipsec_rsasigkey.8.gz
/usr/share/man/man8/ipsec_setup.8.gz
/usr/share/man/man8/ipsec_show.8.gz
/usr/share/man/man8/ipsec_showhostkey.8.gz
/usr/share/man/man8/ipsec_showroute.8.gz
/usr/share/man/man8/ipsec_vendorid.8.gz
/usr/share/man/man8/ipsec_verify.8.gz
/usr/share/man/man8/ipsec_whack.8.gz
/usr/share/man/man8/pluto.8.gz
/var/lib/ipsec
/var/lib/ipsec/nss

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Nov 15 08:31:45 2024