Description
This strongswan update fixes several security and non security
issues.
- Disallow brainpool elliptic curve groups in fips mode (bnc#856322).
- Applied an upstream fix for a denial-of-service vulnerability, which can
be triggered by an IKEv2 Key Exchange payload, that contains the
Diffie-Hellman group 1025 (bsc#910491,CVE-2014-9221).
- Adjusted whilelist of approved algorithms in fips mode (bsc#856322).
- Updated strongswan-hmac package description (bsc#856322).
- Disabled explicit gpg validation; osc source_validator does it.
and so on