added latest NEWS

author: Andreas Steffen <andreas.steffen@strongswan.org> 2009-07-17 22:54:23 +0200
committer: Andreas Steffen <andreas.steffen@strongswan.org> 2009-07-17 22:54:23 +0200
commit: aa74d70595785e70754d5a0705a6d817fb4924ae (patch)
tree: 85a5776f083a24b7a7156e7f281d940209219f91 /NEWS
parent: d9b67a9fc05dc86ee9b4135aafbc2130a1e4572f (diff)
download: strongswan-aa74d70595785e70754d5a0705a6d817fb4924ae.tar.bz2
strongswan-aa74d70595785e70754d5a0705a6d817fb4924ae.tar.xz
1 files changed, 12 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index c3b631cc1..41915522f 100644
--- a/NEWS
+++ b/NEWS
@@ -1,12 +1,24 @@
 strongswan-4.3.3
 ----------------
 
+- The configuration option --enable-integrity-test plus the strongswan.conf
+  option libstrongswan.integrity_test = yes activate integrity tests
+  of the IKE daemons charon and pluto, libstrongswan and all loaded
+  plugins. Thus dynamic library misconfigurations and non-malicious file
+  manipulations can be reliably detected.
+
 - The new default setting libstrongswan.ecp_x_coordinate_only=yes allows
   IKEv1 interoperability with MS Windows using the ECP DH groups 19 and 20.
 
 - The IKEv1 pluto daemon now supports the AES-CCM and AES-GCM ESP
   authenticated encryption algorithms.
 
+- The IKEv1 pluto daemon now supports V4 OpenPGP keys.
+
+- The RDN parser vulnerability discovered by Orange Labs research team
+  was not completely fixed in version 4.3.2. Some more modifications
+  had to be applied to the asn1_length() function to make it robust.
+
 
 strongswan-4.3.2
 ----------------
author	Andreas Steffen <andreas.steffen@strongswan.org>	2009-07-17 22:54:23 +0200
committer	Andreas Steffen <andreas.steffen@strongswan.org>	2009-07-17 22:54:23 +0200
commit	aa74d70595785e70754d5a0705a6d817fb4924ae (patch)
tree	85a5776f083a24b7a7156e7f281d940209219f91 /NEWS
parent	d9b67a9fc05dc86ee9b4135aafbc2130a1e4572f (diff)
download	strongswan-aa74d70595785e70754d5a0705a6d817fb4924ae.tar.bz2 strongswan-aa74d70595785e70754d5a0705a6d817fb4924ae.tar.xz