Debian
openswan package

lp:debian/lenny/openswan

  1. Lenny (5.0)
  2. lenny
Created by James Westby and last modified
Get this branch:
bzr branch lp:debian/lenny/openswan
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

14. By Moritz Muehlenhoff <email address hidden>

Depend on libcurl4-openssl-dev instead of libcurl3-dev, otherwise
sbuild fails to install the needed deps

13. By Rene Mayrhofer <email address hidden>

Maintainer-prepared security fix, using patch from Giuseppe Iuculano
<email address hidden> (many thanks for preparing it!):
* Fix ASN.1 parser bug that allows remote attackers to cause a DoS via an
  X.509 certificate with crafted Relative Distinguished Names (RDNs), a
  crafted UTCTIME string, or a crafted GENERALIZEDTIME string.
  04-CVE-2009-2185.dpatch also cherry-picks commit
  483f6bfd4a1b9e900cb352bb4214ec1ce20016b7 from the openswan-2 git to
  complete the CVE fix.
  Fixes: CVE-2009-2185
  Closes: #533837: two denial of service vulnerabilities
* Added patch to fix KLIPS compilation for kernel 2.6.26. Thanks to
  Harald Jenny for providing this patch!
  Closes: #522112: openswan-modules-source: Fails to build with kernel
                   2.6.26

12. By Steffen Joeris <email address hidden>

* Non-maintainer upload by the security team
* Fix DoS issue via malicious Dead Peer Detection packet
  Fixes: CVE-2009-0790

11. By Christian Perrier

* Non-maintainer upload.
* Fix insucure /tmp file creation. Patch by Frank Lichtenheld
  (untested from his own words but better this than nothing)
  Closes: #496374
* Fix pending l10n bugs. Debconf translations:
* Czech. Closes: #489437

10. By Rene Mayrhofer <email address hidden>

* Acknowledge our-priority-are-the-users-thus-remove-docs NMU (nothing
  personal, but documentation usually tends to be useful).
  Closes: #390656
* Recommend linux-source instead of kernel-source.
  Closes: #394664: Recommends unavailable kernel-source
* Update Japanese debconf translation.
  Closes: #393176: openswan: [INTL:ja] Updated Japanese po-debconf
                   template translation (ja.po)
* Build-depend on po-debconf.
* Stop invoking /etc/init.d/ipsec directly in prerm. Use invoke-rc.d.

9. By Joey Hess <email address hidden>

* NMU
* Remove additional non-free draft RFCs from upstream tarball.
  Closes: #390656

8. By Steinar H. Gunderson

* Non-maintainer upload.
* debian/patches/01-ipcomp_hippi.dpatch: Fix net/ipsec/ipcomp.c so it no
  longer attempts to copy the "private" field of a struct_skbuff when
  CONFIG_HIPPI is enabled; it was removed after 2.6.13, and this broke
  compilation with 2.6.16, linux-patch-openswan and CONFIG_HIPPI.
  (Closes: #363375)

7. By Barry deFreese

* pluto_crypt.c Patch for unaligned.
  - Thanks to Dave Miller
* Update build-dep to libopensc2-dev

6. By Rene Mayrhofer <email address hidden>

Corrected PATCHNAME in the kernel-patch-openswan unpatch script.
Closes: #344852: kernel-patch-openswan: PATCHNAME=openswan in apply script
but =freeswan in unpatch

5. By Rene Mayrhofer <email address hidden>

Reasoning for urgency high: DoS security issues.
New upstream version. This is supposed to fix the other part of the DoS
problem.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:debian/squeeze/openswan
This branch contains Public information 
Everyone can see this information.

Subscribers