Ubuntu
strongswan package

strongswan 5.9.6-1ubuntu2 source package in Ubuntu

Changelog

strongswan (5.9.6-1ubuntu2) kinetic; urgency=medium

  * SECURITY UPDATE: Using Untrusted URIs for Revocation Checking
    - debian/patches/CVE-2022-40617.patch: do online revocation checks only
      after basic trust chain validation in
      src/libstrongswan/credentials/credential_manager.c.
    - CVE-2022-40617

 -- Marc Deslauriers <email address hidden>  Wed, 05 Oct 2022 08:11:03 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Kinetic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
strongswan_5.9.6.orig.tar.bz2 4.5 MiB 91d0978ac448912759b85452d8ff0d578aafd4507aaf4f1c1719f9d0c7318ab7
strongswan_5.9.6.orig.tar.bz2.asc 659 bytes acabbbf24d51e501dc29b75248785ffaf86e950c2121ac99d92f3fce6166aa0e
strongswan_5.9.6-1ubuntu2.debian.tar.xz 127.5 KiB 863860ce3900438dacf82cf9d21ba19c8195388494c9f15b4b8b89a8a9b70af7
strongswan_5.9.6-1ubuntu2.dsc 3.6 KiB ec6d5a0059256154e0307defcd0b39a0b403aa5f5c05f86f9ad66dfc8bed86ad

Available diffs

View changes file

Binary packages built by this source

charon-cmd: standalone IPsec client

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package contains the charon-cmd command, which can be used as a client to
 connect to a remote IKE daemon.

charon-cmd-dbgsym: debug symbols for charon-cmd
charon-systemd: strongSwan IPsec client, systemd support

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package contains the charon-systemd files.

charon-systemd-dbgsym: debug symbols for charon-systemd
libcharon-extauth-plugins: strongSwan charon library (extended authentication plugins)

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides extended authentication plugins for the charon library:
  - eap-mschapv2 (EAP-MSCHAPv2 protocol handler using passwords/NT hashes)
    Used for client side to connect to some VPN concentrators configured for
    Windows 7+ and modern OSX/iOS using IKEv2 (identify with public key,
    authenticate with MSCHAPv2).
  - xauth-generic (Generic XAuth backend that provides passwords from
    ipsec.secrets and other credential sets)
    Used for the client side to connect to VPN concentrators configured for
    Android and older OSX/iOS using IKEv1 and XAUTH (identify with public key,
    authenticate with XAUTH password).
 .
 These are the "not always, but still more commonly used" plugins, for further
 needs even more plugins can be found in the package libcharon-extra-plugins.

libcharon-extauth-plugins-dbgsym: debug symbols for libcharon-extauth-plugins
libcharon-extra-plugins: No summary available for libcharon-extra-plugins in ubuntu kinetic.

No description available for libcharon-extra-plugins in ubuntu kinetic.

libcharon-extra-plugins-dbgsym: No summary available for libcharon-extra-plugins-dbgsym in ubuntu kinetic.

No description available for libcharon-extra-plugins-dbgsym in ubuntu kinetic.

libstrongswan: No summary available for libstrongswan in ubuntu kinetic.

No description available for libstrongswan in ubuntu kinetic.

libstrongswan-dbgsym: debug symbols for libstrongswan
libstrongswan-extra-plugins: strongSwan utility and crypto library (extra plugins)

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides extra plugins for the strongSwan utility and
 cryptographic library.
 .
 Included plugins are:
  - af-alg [linux] (AF_ALG Linux crypto API interface, provides
    ciphers/hashers/hmac/xcbc)
  - ccm (CCM cipher mode wrapper)
  - cmac (CMAC cipher mode wrapper)
  - ctr (CTR cipher mode wrapper)
  - curl (libcurl based HTTP/FTP fetcher)
  - curve25519 (support for Diffie-Hellman group 31 using Curve25519 and
    support for the Ed25519 digital signature algorithm for IKEv2)
  - gcrypt (Crypto backend based on libgcrypt, provides
    RSA/DH/ciphers/hashers/rng)
  - ldap (LDAP fetching plugin based on libldap)
  - ntru (key exchanged based on post-quantum computer NTRU)
  - padlock (VIA padlock crypto backend, provides AES128/SHA1)
  - pkcs11 (PKCS#11 smartcard backend)
  - rdrand (High quality / high performance random source using the Intel
    rdrand instruction found on Ivy Bridge processors)
  - test-vectors (Set of test vectors for various algorithms)
 .
 Also included is the libtpmtss library adding support for TPM plugin
 (https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin)

libstrongswan-extra-plugins-dbgsym: debug symbols for libstrongswan-extra-plugins
libstrongswan-standard-plugins: strongSwan utility and crypto library (standard plugins)

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package provides some common plugins for the strongSwan utility and
 cryptograhic library.
 .
 Included plugins are:
  - agent (RSA/ECDSA private key backend connecting to SSH-Agent)
  - gcm (GCM cipher mode wrapper)
  - openssl (Crypto backend based on OpenSSL, provides
    RSA/ECDSA/DH/ECDH/ciphers/hashers/HMAC/X.509/CRL/RNG)

libstrongswan-standard-plugins-dbgsym: debug symbols for libstrongswan-standard-plugins
strongswan: IPsec VPN solution metapackage

 The strongSwan VPN suite uses the native IPsec stack in the standard Linux
 kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This metapackage installs the packages required to maintain IKEv1 and IKEv2
 connections via ipsec.conf or ipsec.secrets.

strongswan-charon: strongSwan Internet Key Exchange daemon

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 charon is an IPsec IKEv2 daemon which can act as an initiator or a responder.
 It is written from scratch using a fully multi-threaded design and a modular
 architecture. Various plugins can provide additional functionality.

strongswan-charon-dbgsym: No summary available for strongswan-charon-dbgsym in ubuntu kinetic.

No description available for strongswan-charon-dbgsym in ubuntu kinetic.

strongswan-libcharon: No summary available for strongswan-libcharon in ubuntu kinetic.

No description available for strongswan-libcharon in ubuntu kinetic.

strongswan-libcharon-dbgsym: No summary available for strongswan-libcharon-dbgsym in ubuntu kinetic.

No description available for strongswan-libcharon-dbgsym in ubuntu kinetic.

strongswan-nm: No summary available for strongswan-nm in ubuntu kinetic.

No description available for strongswan-nm in ubuntu kinetic.

strongswan-nm-dbgsym: No summary available for strongswan-nm-dbgsym in ubuntu kinetic.

No description available for strongswan-nm-dbgsym in ubuntu kinetic.

strongswan-pki: No summary available for strongswan-pki in ubuntu kinetic.

No description available for strongswan-pki in ubuntu kinetic.

strongswan-pki-dbgsym: debug symbols for strongswan-pki
strongswan-scepclient: No summary available for strongswan-scepclient in ubuntu lunar.

No description available for strongswan-scepclient in ubuntu lunar.

strongswan-scepclient-dbgsym: No summary available for strongswan-scepclient-dbgsym in ubuntu kinetic.

No description available for strongswan-scepclient-dbgsym in ubuntu kinetic.

strongswan-starter: No summary available for strongswan-starter in ubuntu kinetic.

No description available for strongswan-starter in ubuntu kinetic.

strongswan-starter-dbgsym: No summary available for strongswan-starter-dbgsym in ubuntu kinetic.

No description available for strongswan-starter-dbgsym in ubuntu kinetic.

strongswan-swanctl: strongSwan IPsec client, swanctl command

 The strongSwan VPN suite uses the native IPsec stack in the standard
 Linux kernel. It supports both the IKEv1 and IKEv2 protocols.
 .
 This package contains the swanctl interface, used to configure a running
 charon daemon

strongswan-swanctl-dbgsym: No summary available for strongswan-swanctl-dbgsym in ubuntu kinetic.

No description available for strongswan-swanctl-dbgsym in ubuntu kinetic.