libreswan-3.28 released. This is a major bugfix release. CHANGES: download.libreswan.org/CHANGES download.libreswan.org/libreswan-3.28… download.libreswan.org/libreswan-3.28…

libreswan-3.29 released for CVE-2019-10155 which affects libreswan, openswan and (older than 2012) strongswan versions. See libreswan.org/security/CVE-2…

libreswan-3.30 released. XFRMi virtual interface support, improved Opportunistic IPsec, improved performance. Details: download.libreswan.org/CHANGES

Thank your #VPN tech if you're working from home remotely today. Its a good week to have good #ipsec support. Libreswan

We published our initial Google's Season of Docs Projects Ideas page at libreswan.org/wiki/GSoD Now is the time to point out where our documentation lacks, and what parts you found most difficult. And perhaps a professional technical writer will be able to fix it soon #SOD

libreswan-4.0 released with IKE/ESP over TCP support (requires kernel 5.8+), custom ikeports for OCP/k8s, INTERMEDIATE exchange support, removal of obsolete crypto, improved ipsecX device support and now fully supports NetBSD. Details: download.libreswan.org/CHANGES

libreswan-4.1 released due to interoperability bug with some Cisco devices: lists.libreswan.org/pipermail/swan… (libreswan was too harsh rejecting instead of ignoring a bogus protocol ID value that some Cisco's send)

libreswan-4.2 released with Labeled IPsec support, enhanced OCP features, MOBIKE/NAT fixes, improved namespaces/docker usage, compile without IKEv1 support and more: download.libreswan.org/CHANGES

Thanks to @gsoc for selecting us again for another year of Google Summer of Code ! We are looking forward to it! summerofcode.withgoogle.com/organizations/…

libreswan-4.4 released with bugfixes for IKEv2 Labeled IPsec support, improved IPsec over TCP support, and automated #openbsd iked interop tests :) download.libreswan.org/CHANGES

we have moved away from #swan at freenode to #libreswan on libera.chat

libreswan-4.5 released with bugfixes for IKEv2 Labeled IPsec support, improved and improved multi subnet handling download.libreswan.org/CHANGES

libreswan-4.6 released to address a DoS issue, see libreswan.org/security/CVE-2… for details and patches. Full changelog at download.libreswan.org/CHANGES

libreswan-4.7 released with EAPTLS support, Android 12 interop fixes, and IPv6 support for FreeBSD/NetBSD download.libreswan.org/CHANGES

libreswan-4.8 released - raw ECDSA keys, CKAIDs with hardware tokens, ipsec-max-packets/bytes support nl.libreswan.org/CHANGES

libreswan-4.10 released for CVE-2023-23009 - Denial of Service attack possible via authenticated peers using malformed IKEv2 TS payload download.libreswan.org/CHANGES

ibreswan-4.11 released for CVE-2023-30570 - Denial of Service attack possible via unauthenticated peers when IKEv1 Aggressive Mode is in use. See libreswan.org/security/ for CVE info and patches

libreswan-4.12 released for CVE-2023-3871[012] - post authentication crashers on malformed packets. See libreswan.org/security/ for CVE info and patches - or just upgrade to 4.12 :)

libreswan-4.14 released for (low priority) CVE-2024-2357 - Crasher on misconfiguration possible, X.509 SAN IPv6 fix, TFC padding for AEAD fix. See libreswan.org/security/ for CVE info and patches - or just upgrade to 4.14 :) Also 5.0rc2 released, so go test!