lp:debian/lenny/openswan
- Get this branch:
- bzr branch lp:debian/lenny/openswan
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 14. By Moritz Muehlenhoff <email address hidden>
-
Depend on libcurl4-
openssl- dev instead of libcurl3-dev, otherwise
sbuild fails to install the needed deps - 13. By Rene Mayrhofer <email address hidden>
-
Maintainer-prepared security fix, using patch from Giuseppe Iuculano
<email address hidden> (many thanks for preparing it!):
* Fix ASN.1 parser bug that allows remote attackers to cause a DoS via an
X.509 certificate with crafted Relative Distinguished Names (RDNs), a
crafted UTCTIME string, or a crafted GENERALIZEDTIME string.
04-CVE-2009-2185. dpatch also cherry-picks commit
483f6bfd4a1b9e900cb352bb4214 ec1ce20016b7 from the openswan-2 git to
complete the CVE fix.
Fixes: CVE-2009-2185
Closes: #533837: two denial of service vulnerabilities
* Added patch to fix KLIPS compilation for kernel 2.6.26. Thanks to
Harald Jenny for providing this patch!
Closes: #522112: openswan-modules- source: Fails to build with kernel
2. 6.26 - 12. By Steffen Joeris <email address hidden>
-
* Non-maintainer upload by the security team
* Fix DoS issue via malicious Dead Peer Detection packet
Fixes: CVE-2009-0790 - 11. By Christian Perrier
-
* Non-maintainer upload.
* Fix insucure /tmp file creation. Patch by Frank Lichtenheld
(untested from his own words but better this than nothing)
Closes: #496374
* Fix pending l10n bugs. Debconf translations:
* Czech. Closes: #489437 - 10. By Rene Mayrhofer <email address hidden>
-
* Acknowledge our-priority-
are-the- users-thus- remove- docs NMU (nothing
personal, but documentation usually tends to be useful).
Closes: #390656
* Recommend linux-source instead of kernel-source.
Closes: #394664: Recommends unavailable kernel-source
* Update Japanese debconf translation.
Closes: #393176: openswan: [INTL:ja] Updated Japanese po-debconf
template translation (ja.po)
* Build-depend on po-debconf.
* Stop invoking /etc/init.d/ipsec directly in prerm. Use invoke-rc.d. - 9. By Joey Hess <email address hidden>
-
* NMU
* Remove additional non-free draft RFCs from upstream tarball.
Closes: #390656 - 8. By Steinar H. Gunderson
-
* Non-maintainer upload.
* debian/patches/ 01-ipcomp_ hippi.dpatch: Fix net/ipsec/ipcomp.c so it no
longer attempts to copy the "private" field of a struct_skbuff when
CONFIG_HIPPI is enabled; it was removed after 2.6.13, and this broke
compilation with 2.6.16, linux-patch-openswan and CONFIG_HIPPI.
(Closes: #363375) - 7. By Barry deFreese
-
* pluto_crypt.c Patch for unaligned.
- Thanks to Dave Miller
* Update build-dep to libopensc2-dev - 6. By Rene Mayrhofer <email address hidden>
-
Corrected PATCHNAME in the kernel-
patch-openswan unpatch script.
Closes: #344852: kernel-patch-openswan: PATCHNAME=openswan in apply script
but =freeswan in unpatch - 5. By Rene Mayrhofer <email address hidden>
-
Reasoning for urgency high: DoS security issues.
New upstream version. This is supposed to fix the other part of the DoS
problem.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:debian/squeeze/openswan