1.116. openswan

Updated openswan packages that fix a bug are now available for Red Hat Enterprise Linux 5 Extended Update Support.

Openswan is a free implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks.

This update fixes the following bug:

* Due to an error in a buffer initialization, the following message may have been written to the /var/log/secure log file during the IKE negotiation:

size ([size]) differs from size specified in ISAKMP HDR ([size])

Consequently, the establishment of secure connections could be significantly delayed. This update applies an upstream patch that resolves this issue, and the establishment of IPsec connections is no longer delayed. (BZ#680044)

All users of openswan are advised to upgrade to these updated packages, which resolve this issue.