libreswan (4.3-1+deb11u3) bullseye-security; urgency=high * use upstream patch for 4.2 and 4.3 -- Daniel Kahn Gillmor Fri, 03 Mar 2023 08:34:50 -0500 libreswan (4.3-1+deb11u2) bullseye-security; urgency=high * Fixes CVE-2023-23009 (Closes: #1031821) -- Daniel Kahn Gillmor Wed, 01 Mar 2023 13:11:05 -0500 libreswan (4.3-1+deb11u1) bullseye-security; urgency=high * Fixes CVE-2022-23094 -- Daniel Kahn Gillmor Wed, 12 Jan 2022 23:21:33 -0500 libreswan (4.3-1) unstable; urgency=medium * New upstream release * drop patches already upstream * refresh patches * d/copyright: drop unreferenced lib/libswan/initsubnet.c -- Daniel Kahn Gillmor Sun, 28 Feb 2021 12:01:15 -0500 libreswan (4.2-1) unstable; urgency=medium * New upstream release 4.2 * drop spelling patch already merged upstream * fix more spelling * move from USE_XAUTHPAM to USE_AUTHPAM, as recommended by upstream -- Daniel Kahn Gillmor Wed, 03 Feb 2021 19:37:09 -0500 libreswan (4.1-4) unstable; urgency=medium * supply the same flags during install as during build * embed a copy of AVA on platforms where NSS is missing it -- Daniel Kahn Gillmor Thu, 14 Jan 2021 17:21:32 -0500 libreswan (4.1-3) unstable; urgency=medium * Use proper toolchain feature tests (and include IPSEC_PROFILE) * make cryptocheck tests more verbose -- Daniel Kahn Gillmor Wed, 13 Jan 2021 15:28:30 -0500 libreswan (4.1-2) unstable; urgency=medium * change default development branch to debian/main * handle platforms without a stack-protector * Autodetect whether to use pure NSS for KDF * drop unnecessary rejection of KLIPS * make algparse test more verbose * Drop bsdmainutils as a dependency (Closes: #964535) -- Daniel Kahn Gillmor Tue, 12 Jan 2021 21:50:15 -0500 libreswan (4.1-1) unstable; urgency=medium * New upstream version (Closes: #957473, #966017) * Standards-Version: bumped to 4.5.1 (no changes needed) * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository, Repository-Browse. * refresh patches * clean up debian/copyright, following upstream cleanup * indicate that neither of these patches need to be forwarded upstream * d/rules: track new compilation configuration from upstream * drop unneeded lintian overrides * clean up spelling * avoid shipping accidental backup files -- Daniel Kahn Gillmor Tue, 12 Jan 2021 09:24:42 -0500 libreswan (3.32-3) unstable; urgency=medium * allow stderr on CAVP tests -- Daniel Kahn Gillmor Thu, 28 May 2020 08:13:57 -0400 libreswan (3.32-2) unstable; urgency=medium * streamline autopkgtests -- Daniel Kahn Gillmor Tue, 26 May 2020 16:55:21 -0400 libreswan (3.32-1) unstable; urgency=medium [ Stephen Kitt ] * Remove the systemd dependency (Closes: #931858) [ Daniel Kahn Gillmor ] * New upstream version, fixing CVE-2020-1763 (Closes: #960458) * refresh patches, dropping those already applied upstream * Standards-Version: bump to 4.5.0 (no changes needed) * move to dh 13 * drop unneeded lintian-override * d/copyright: drop annotations for removed source * move subcommand executables from /usr/lib/ipsec to /usr/libexec/ipsec * fix upstream spelling errors * added buildtime and runtime checks that the crypto works as expected * include upstream patch to address subtle NSS API variance * autopkgtest: add CAVP/ACVP tests * use dh_auto_build instead of $(MAKE) when building * enable cross-building (Closes: #958355) * d/tests/opportunistic: avoid dropping into a pager if run from a terminal -- Daniel Kahn Gillmor Fri, 22 May 2020 18:33:46 -0400 libreswan (3.29-2) unstable; urgency=medium * Release to unstable * fix up more upstream orthography * standards-version: bump to 4.4.0 (no changes needed * change lintian override of spelling-error-in-copyright to match new reporting -- Daniel Kahn Gillmor Mon, 19 Aug 2019 18:57:33 -0400 libreswan (3.29-1) experimental; urgency=medium * New upstream release - fixes CVE 2019-10155 and CVE-2019-12312 (Closes: #930338, #929916) * refresh patches * d/watch: avoid development releases -- Daniel Kahn Gillmor Tue, 11 Jun 2019 07:24:44 +0100 libreswan (3.28-1) experimental; urgency=medium * new upstream release (to experimental due to freeze for buster) * refresh patches * fix spelling * fix upstream's broken barf shell script * Standards-Version: bump to 4.3.0 (no changes needed) * move to debhelper 12 * d/copyright: lib/libswan/{tto,ip}range.c were merged into ip_range.c -- Daniel Kahn Gillmor Tue, 11 Jun 2019 07:23:45 +0100 libreswan (3.27-6) unstable; urgency=medium * fix CVE-2019-10155 (closes: #930338) -- Daniel Kahn Gillmor Mon, 10 Jun 2019 23:04:05 +0100 libreswan (3.27-5) unstable; urgency=medium * fix CVE-2019-12312 (Closes: #929916) * bump Standards-Version to 4.3.0 (no changes needed) -- Daniel Kahn Gillmor Mon, 03 Jun 2019 19:36:16 -0400 libreswan (3.27-4) unstable; urgency=medium * order object files for reproducible linking -- Daniel Kahn Gillmor Tue, 16 Oct 2018 10:27:14 -0400 libreswan (3.27-3) unstable; urgency=medium * explicitly set ARCH for reproducibility -- Daniel Kahn Gillmor Mon, 15 Oct 2018 16:07:00 -0400 libreswan (3.27-2) unstable; urgency=medium * avoid Curve25519 when building against nss that does not support it * backport patch from upstream to clean up ia64 build -- Daniel Kahn Gillmor Mon, 15 Oct 2018 13:21:24 -0400 libreswan (3.27-1) unstable; urgency=medium * New upstream release. -- Daniel Kahn Gillmor Fri, 12 Oct 2018 16:55:36 -0400 libreswan (3.26-1) unstable; urgency=medium * new upstream release (Closes: #909291) * refresh patches * import two patches from upstream to avoid FTBFS -- Daniel Kahn Gillmor Thu, 27 Sep 2018 19:24:35 -0400 libreswan (3.25-2) unstable; urgency=medium * remove explicit list of libraries from Depends (Closes: #909203) * bump Standards-Version to 4.2.1 (no changes needed) -- Daniel Kahn Gillmor Fri, 21 Sep 2018 02:35:42 -0400 libreswan (3.25-1) unstable; urgency=medium * new upstream release * refresh patches -- Daniel Kahn Gillmor Wed, 27 Jun 2018 12:46:44 -0400 libreswan (3.23-6) unstable; urgency=medium * avoid -fstack-protector-all on ia64 -- Daniel Kahn Gillmor Tue, 19 Jun 2018 22:39:57 -0400 libreswan (3.23-5) unstable; urgency=medium * move to DEP-14 branch naming * Standards-Version: bump to 4.1.4 (no changes needed) * d/rules: drop unneeded PUBDIR definitions * drop spelling-error lintian overrides about Antony Antony (no longer needed) -- Daniel Kahn Gillmor Mon, 18 Jun 2018 12:45:39 -0400 libreswan (3.23-4) unstable; urgency=medium * d/tests/control: isolation-container → isolation-machine -- Daniel Kahn Gillmor Thu, 15 Feb 2018 12:03:58 -0500 libreswan (3.23-3) unstable; urgency=medium * d/tests/opportunistic: more details on failure -- Daniel Kahn Gillmor Wed, 14 Feb 2018 13:08:09 -0500 libreswan (3.23-2) unstable; urgency=medium * d/tests/opportunistic: do not fail on initial systemctl status * d/control: Rules-Requires-Root: no -- Daniel Kahn Gillmor Tue, 13 Feb 2018 10:59:46 -0500 libreswan (3.23-1) unstable; urgency=medium [ Daniel Kahn Gillmor ] * New upstream release * drop patches already upstream, refresh remaining patches [ Antony Antony ] * tests/opportunistic fix, asymetric dnssec test [ Daniel Kahn Gillmor ] * d/copyright: Format: use https * d/copyright: remove dropped file * avoid lintian complaint by skipping my skipped test :P (override_dh_auto_test-does-not-check-DEB_BUILD_PROFILES) * quit persecuting Antony Antony, again * fix spelling -- Daniel Kahn Gillmor Mon, 05 Feb 2018 16:23:59 -0500 libreswan (3.22-4) unstable; urgency=medium * conflict with strongswan-libcharon (Closes: #886842) * Standards-Version: bump to 4.1.3 (no changes needed) * move to debhelper 11 * Vcs: move to salsa.debian.org * clean up lintian overrides -- Daniel Kahn Gillmor Wed, 10 Jan 2018 12:01:37 -0500 libreswan (3.22-3) unstable; urgency=medium * add more dependencies to autopkgtest -- Daniel Kahn Gillmor Mon, 13 Nov 2017 02:56:05 +0800 libreswan (3.22-2) unstable; urgency=medium * fix debian c-i test so that it can ping -- Daniel Kahn Gillmor Sat, 11 Nov 2017 15:46:44 +0800 libreswan (3.22-1) unstable; urgency=medium * new upstream release * drop patches already applied upstream * include two new patches as requested by upstream * include ipsec version from upstream release (Closes: #879614) * Standards-Version: bump to 4.1.1 (no changes needed) -- Daniel Kahn Gillmor Sat, 11 Nov 2017 14:02:02 +0800 libreswan (3.21-2) unstable; urgency=medium [ Antony Antony ] * add systemd build dependency * Revert "USE_DNSSEC=false b/c upstream needs libunbound to link to libevent" * up libunbound2 build dependency to 1.6.5 [ Daniel Kahn Gillmor ] * bump standards-version to 4.1.0 (no changes needed) * move to python3 instead of python * accept Antony Antony's name for real * avoid lintian griping that we cannot fix * fix spelling -- Daniel Kahn Gillmor Tue, 26 Sep 2017 02:39:40 -0400 libreswan (3.21-1) experimental; urgency=medium * New upstream release * use systemd presets for default-disabled service * ensure that /run/pluto exists * add dependency on iptables * update build-dependencies to match upstream expectations * Standards-Version: bump to 4.0.1 (no changes needed) * Initial attempt at autopkgtest * USE_DNSSEC=false b/c upstream needs libunbound to link to libevent (and it does not, see #871675) -- Daniel Kahn Gillmor Thu, 10 Aug 2017 23:24:56 -0400 libreswan (3.21~rc5-1) experimental; urgency=medium [ Daniel Kahn Gillmor ] * new upstream release-candidate * bump Standards-Version to 4.0.0 (no changes needed) [ Antony Antony ] * add dns-root-data dependency and use root.key from it -- Daniel Kahn Gillmor Mon, 26 Jun 2017 16:56:09 -0400 libreswan (3.21~rc2-1) experimental; urgency=medium * new upstream release-candidate -- Daniel Kahn Gillmor Fri, 02 Jun 2017 09:58:40 -0400 libreswan (3.20-7) unstable; urgency=medium [ Laurent Bigonville ] * Enable SELinux/LABELED_IPSEC support (Closes: #861881) * Only depends against libcap-ng-dev on linux (Closes: #861887) -- Daniel Kahn Gillmor Fri, 05 May 2017 12:46:31 -0400 libreswan (3.20-6) unstable; urgency=medium * another batch of fixes for time_t on x32 -- Daniel Kahn Gillmor Tue, 21 Mar 2017 16:15:33 -0400 libreswan (3.20-5) unstable; urgency=medium * no stack-protector on alpha either * more fixes for x32 and time_t -- Daniel Kahn Gillmor Tue, 21 Mar 2017 12:14:08 -0400 libreswan (3.20-4) unstable; urgency=medium * still more x32 time_t printf fixes -- Daniel Kahn Gillmor Mon, 20 Mar 2017 22:11:22 -0400 libreswan (3.20-3) unstable; urgency=medium * more fixes for printing time_t on x32 * fix hppa workaround -- Daniel Kahn Gillmor Mon, 20 Mar 2017 21:24:09 -0400 libreswan (3.20-2) unstable; urgency=medium * avoid time_t printf problems on x32 * avoid -fstack-protector-all for hppa -- Daniel Kahn Gillmor Mon, 20 Mar 2017 18:51:29 -0400 libreswan (3.20-1) unstable; urgency=medium * New upstream release (Closes: #853507) * drop build-dep on dh-systemd, since it is now in debhelper itself -- Daniel Kahn Gillmor Mon, 20 Mar 2017 14:58:40 -0400 libreswan (3.19-2) unstable; urgency=medium * more fixes from upstream * Test proposal for mips and mipsel builds (trying to fix: #853947) * conflict directly with strongswan-starter (Closes: #836862) -- Daniel Kahn Gillmor Fri, 03 Feb 2017 12:22:16 -0500 libreswan (3.19-1) unstable; urgency=medium * drop patches already applied upstream, clean up remaining patches * cleaner build without KLIPS * fix spelling errors found by lintian * convert to debhelper 10 * use wrap-and-sort -ast to canonicalize debian metadata files * upload to unstable for wider testing -- Daniel Kahn Gillmor Wed, 25 Jan 2017 20:14:04 -0500 libreswan (3.18-1) experimental; urgency=low * Initial upload to debian experimental (Closes: #773459) -- Daniel Kahn Gillmor Sun, 19 Jun 2016 23:39:14 -0400