strongswan 5.7.1-1ubuntu1 source package in Ubuntu
Changelog
strongswan (5.7.1-1ubuntu1) disco; urgency=medium * Merge with Debian unstable (LP: #1806401). Remaining changes: - Clean up d/strongswan-starter.postinst: section about runlevel changes - Clean up d/strongswan-starter.postinst: Removed entire section on opportunistic encryption disabling - this was never in strongSwan and won't be see upstream issue #2160. - d/rules: Removed patching ipsec.conf on build (not using the debconf-managed config.) - d/ipsec.secrets.proto: Removed ipsec.secrets.inc reference (was used for debconf-managed include of private key). - Mass enablement of extra plugins and features to allow a user to use strongswan for a variety of extra use cases without having to rebuild. + d/control: Add required additional build-deps + d/control: Mention addtionally enabled plugins + d/rules: Enable features at configure stage + d/libbstrongswan-extra-plugins.install: Add plugins (so, lib, conf) + d/libstrongswan.install: Add plugins (so, conf) - d/strongswan-starter.install: Install pool feature, which is useful since we have attr-sql plugin enabled as well using it. - Add plugin kernel-libipsec to allow the use of strongswan in containers via this userspace implementation (please do note that this is still considered experimental by upstream). + d/libcharon-extra-plugins.install: Add kernel-libipsec components + d/control: List kernel-libipsec plugin at extra plugins description + d/p/dont-load-kernel-libipsec-plugin-by-default.patch: As upstream recommends to not load kernel-libipsec by default. - Relocate tnc plugin + debian/libcharon-extra-plugins.install: Drop tnc from extra plugins + Add new subpackage for TNC in d/strongswan-tnc-* and d/control - d/libstrongswan.install: Reorder conf and .so alphabetically - d/libstrongswan.install: Add kernel-netlink configuration files - Complete the disabling of libfast; This was partially accepted in Debian, it is no more packaging medcli and medsrv, but still builds and mentions it. + d/rules: Add --disable-fast to avoid build time and dependencies + d/control: Remove medcli, medsrv from package description - d/control: Mention mgf1 plugin which is in libstrongswan now - Add now built (since 5.5.1) libraries libtpmtss and nttfft to libstrongswan-extra-plugins (no deps from default plugins). - d/control, d/libcharon-{extras,standard}-plugins.install: Move charon plugins for the most common use cases from extra-plugins into a new standard-plugins package. This will allow those use cases without pulling in too much more plugins (a bit like the tnc package). Recommend that package from strongswan-libcharon. - d/usr.sbin.charon-systemd: allow to contact mysql for sql and attr-sql plugins (LP #1766240) - d/usr.lib.ipsec.charon: allow reading of own FDs (LP #1786250) * Added Changes: - d/p/lp1795813-mysql-Don-t-release-the-connection-if-transactions-a.patch: fix SIGSEGV when using mysql plugin (LP: #1795813) - d/usr.sbin.charon-systemd: allow CLUSTERIP for ha plugin (LP: #1773956) - executables need to be able to read map and execute themselves otherwise execution in some environments e.g. containers is blocked (LP: #1780534) + d/usr.lib.ipsec.stroke: add rmix permission to stroke binary + d/usr.lib.ipsec.lookip: add rmix permission to lookip binary - adapt "mass enablement of extra plugins" to match 5.7.x changes + d/rules: use new options for swima instead of swid + d/strongswan-tnc-server.install: add new sec updater tool + d/strongswan-tnc-client.install: add new sw-collector tool * Dropped (in Debian now): - SECURITY UPDATE: Insufficient input validation in gmp plugin (CVE-2018-17540) - SECURITY UPDATE: Insufficient input validation in gmp plugin (CVE-2018-16151 CVE-2018-16152) - d/usr.lib.ipsec.charon, d/usr/sbin/charon-systemd: Add support for usr-merge, thanks to Christian Ehrhardt. LP #1784023 strongswan (5.7.1-1) unstable; urgency=medium [ Ondřej Nový ] * d/copyright: Use https protocol in Format field * d/changelog: Remove trailing whitespaces * d/rules: Remove trailing whitespaces * d/control: Remove XS-Testsuite field, not needed anymore [ Yves-Alexis Perez ] * enable chapoly plugin (closes: #814927) * remove unused lintian overrides * New upstream version 5.7.1 - fix an integer underflow and subsequent heap buffer overflow in the gmp plugin triggered by crafted certificates with RSA keys with very small moduli (CVE-2018-17540) strongswan (5.7.0-1) unstable; urgency=medium * update AppArmor templates to handle usr merge (closes: #905082) * d/gbp.conf added, following DEP-14 * New upstream version 5.7.0 - include fixes for CVE-2018-16151 and CVE-2018-16152, potential Bleichenbacher-style low-exponent attacks leading to RSA signature forgery in gmp plugin. * d/control: fix typo in libstrongswan long description -- Christian Ehrhardt <email address hidden> Mon, 03 Dec 2018 15:18:31 +0100
Upload details
- Uploaded by:
- Christian Ehrhardt
- Uploaded to:
- Disco
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
strongswan_5.7.1.orig.tar.bz2 | 4.7 MiB | 006f9c9126e2a2f4e7a874b5e1bd2abec1bbbb193c8b3b3a4c6ccd8c2d454bec |
strongswan_5.7.1-1ubuntu1.debian.tar.xz | 134.5 KiB | f611d0ebd5550d747e4ecc2b50c7812f988f1525ecd02af0c4785a0261152ae2 |
strongswan_5.7.1-1ubuntu1.dsc | 3.8 KiB | 89c261bc6f8965602d4c4aca7b1a03c13079678fd0bcc54c834d0b8656dcac06 |
Available diffs
- diff from 5.6.3-1ubuntu5 to 5.7.1-1ubuntu1 (342.3 KiB)
Binary packages built by this source
- charon-cmd: No summary available for charon-cmd in ubuntu disco.
No description available for charon-cmd in ubuntu disco.
- charon-cmd-dbgsym: No summary available for charon-cmd-dbgsym in ubuntu disco.
No description available for charon-cmd-dbgsym in ubuntu disco.
- charon-systemd: No summary available for charon-systemd in ubuntu disco.
No description available for charon-systemd in ubuntu disco.
- charon-systemd-dbgsym: No summary available for charon-systemd-dbgsym in ubuntu disco.
No description available for charon-
systemd- dbgsym in ubuntu disco.
- libcharon-extra-plugins: No summary available for libcharon-extra-plugins in ubuntu disco.
No description available for libcharon-
extra-plugins in ubuntu disco.
- libcharon-extra-plugins-dbgsym: No summary available for libcharon-extra-plugins-dbgsym in ubuntu disco.
No description available for libcharon-
extra-plugins- dbgsym in ubuntu disco.
- libcharon-standard-plugins: No summary available for libcharon-standard-plugins in ubuntu disco.
No description available for libcharon-
standard- plugins in ubuntu disco.
- libcharon-standard-plugins-dbgsym: No summary available for libcharon-standard-plugins-dbgsym in ubuntu disco.
No description available for libcharon-
standard- plugins- dbgsym in ubuntu disco.
- libstrongswan: No summary available for libstrongswan in ubuntu disco.
No description available for libstrongswan in ubuntu disco.
- libstrongswan-dbgsym: No summary available for libstrongswan-dbgsym in ubuntu disco.
No description available for libstrongswan-
dbgsym in ubuntu disco.
- libstrongswan-extra-plugins: No summary available for libstrongswan-extra-plugins in ubuntu disco.
No description available for libstrongswan-
extra-plugins in ubuntu disco.
- libstrongswan-extra-plugins-dbgsym: No summary available for libstrongswan-extra-plugins-dbgsym in ubuntu disco.
No description available for libstrongswan-
extra-plugins- dbgsym in ubuntu disco.
- libstrongswan-standard-plugins: No summary available for libstrongswan-standard-plugins in ubuntu disco.
No description available for libstrongswan-
standard- plugins in ubuntu disco.
- libstrongswan-standard-plugins-dbgsym: No summary available for libstrongswan-standard-plugins-dbgsym in ubuntu disco.
No description available for libstrongswan-
standard- plugins- dbgsym in ubuntu disco.
- strongswan: No summary available for strongswan in ubuntu disco.
No description available for strongswan in ubuntu disco.
- strongswan-charon: No summary available for strongswan-charon in ubuntu disco.
No description available for strongswan-charon in ubuntu disco.
- strongswan-charon-dbgsym: No summary available for strongswan-charon-dbgsym in ubuntu disco.
No description available for strongswan-
charon- dbgsym in ubuntu disco.
- strongswan-libcharon: No summary available for strongswan-libcharon in ubuntu disco.
No description available for strongswan-
libcharon in ubuntu disco.
- strongswan-libcharon-dbgsym: No summary available for strongswan-libcharon-dbgsym in ubuntu disco.
No description available for strongswan-
libcharon- dbgsym in ubuntu disco.
- strongswan-nm: No summary available for strongswan-nm in ubuntu disco.
No description available for strongswan-nm in ubuntu disco.
- strongswan-nm-dbgsym: No summary available for strongswan-nm-dbgsym in ubuntu disco.
No description available for strongswan-
nm-dbgsym in ubuntu disco.
- strongswan-pki: No summary available for strongswan-pki in ubuntu disco.
No description available for strongswan-pki in ubuntu disco.
- strongswan-pki-dbgsym: No summary available for strongswan-pki-dbgsym in ubuntu disco.
No description available for strongswan-
pki-dbgsym in ubuntu disco.
- strongswan-scepclient: No summary available for strongswan-scepclient in ubuntu disco.
No description available for strongswan-
scepclient in ubuntu disco.
- strongswan-scepclient-dbgsym: No summary available for strongswan-scepclient-dbgsym in ubuntu disco.
No description available for strongswan-
scepclient- dbgsym in ubuntu disco.
- strongswan-starter: No summary available for strongswan-starter in ubuntu disco.
No description available for strongswan-starter in ubuntu disco.
- strongswan-starter-dbgsym: No summary available for strongswan-starter-dbgsym in ubuntu disco.
No description available for strongswan-
starter- dbgsym in ubuntu disco.
- strongswan-swanctl: No summary available for strongswan-swanctl in ubuntu disco.
No description available for strongswan-swanctl in ubuntu disco.
- strongswan-swanctl-dbgsym: No summary available for strongswan-swanctl-dbgsym in ubuntu disco.
No description available for strongswan-
swanctl- dbgsym in ubuntu disco.
- strongswan-tnc-base: No summary available for strongswan-tnc-base in ubuntu disco.
No description available for strongswan-tnc-base in ubuntu disco.
- strongswan-tnc-base-dbgsym: No summary available for strongswan-tnc-base-dbgsym in ubuntu disco.
No description available for strongswan-
tnc-base- dbgsym in ubuntu disco.
- strongswan-tnc-client: No summary available for strongswan-tnc-client in ubuntu disco.
No description available for strongswan-
tnc-client in ubuntu disco.
- strongswan-tnc-client-dbgsym: No summary available for strongswan-tnc-client-dbgsym in ubuntu disco.
No description available for strongswan-
tnc-client- dbgsym in ubuntu disco.
- strongswan-tnc-ifmap: No summary available for strongswan-tnc-ifmap in ubuntu disco.
No description available for strongswan-
tnc-ifmap in ubuntu disco.
- strongswan-tnc-ifmap-dbgsym: No summary available for strongswan-tnc-ifmap-dbgsym in ubuntu disco.
No description available for strongswan-
tnc-ifmap- dbgsym in ubuntu disco.
- strongswan-tnc-pdp: No summary available for strongswan-tnc-pdp in ubuntu disco.
No description available for strongswan-tnc-pdp in ubuntu disco.
- strongswan-tnc-pdp-dbgsym: No summary available for strongswan-tnc-pdp-dbgsym in ubuntu disco.
No description available for strongswan-
tnc-pdp- dbgsym in ubuntu disco.
- strongswan-tnc-server: No summary available for strongswan-tnc-server in ubuntu disco.
No description available for strongswan-
tnc-server in ubuntu disco.
- strongswan-tnc-server-dbgsym: No summary available for strongswan-tnc-server-dbgsym in ubuntu disco.
No description available for strongswan-
tnc-server- dbgsym in ubuntu disco.