Ubuntu
openswan package

lp:ubuntu/hardy-updates/openswan

  1. Hardy (8.04)
  2. hardy-updates
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/hardy-updates/openswan
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

17. By Harald Jenny

* SECURITY UPDATE: symlink attack through predictable filenames in /tmp
  - debian/patches/02-fix-unsecure-tmp-file.dpatch: change
    programs/livetest/livetest.in to use mktemp for temporary file creation.
    Patch taken from Debian openswan 1:2.4.12+dfsg-1.3 package.
  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496374
* SECURITY UPDATE: denial of service attack via malicious Dead Peer Detection
  packet
  - debian/patches/03-CVE-2009-0790.dpatch: adjust programs/pluto/demux.c to
    check for a possbile NULL value. Patch taken from Debian openswan
    1:2.4.12+dfsg-1.3+lenny1 package.
  - CVE-2009-0790
* SECURITY UPDATE: denial of service attack via specially crafted X.509
  certificate
  - debian/patches/04-CVE-2009-2185.dpatch: create include/oswtime.h and
    modify programs/pluto/asn1.c as well as lib/libopenswan/optionsfrom.c to
    do proper checks on certificate objects length. Patch taken from Debian
    openswan 1:2.4.12+dfsg-1.3+lenny2 package.
  - CVE-2009-2185
* SECURITY UPDATE: denial of service attack via deliberately interrupted
  IPSec connection attempt
  - debian/patches/05-2.4.9-CVE-2011-4073.dpatch: change
    programs/pluto/ikev1_continuations.h and programs/pluto/ikev1_quick.c to
    check for vanished ISAKMP SA in Quick Mode negotiation. Patch taken from
    Debian openswan 1:2.4.12+dfsg-1.3+lenny3 package and slightly modified.
  - CVE-2011-4073
(LP: #917754)

16. By Steve Kowalik

Rebuild for the libldap-2.3-0 -> libldap-2.4-2 transistion.

15. By Rene Mayrhofer <email address hidden>

* New upstream release.
* Add German debconf translation, but do not apply the patch to the English
  template. I do not agree that a space should be placed before a question
  mark, but feel free to correct me with references to some grammar material.
  Closes: #406029: openswan: [INTL:de] German po-debconf template translation
* Add Spanish debconf translation.
  Closes: #443613: [INTL:es] Spanish po-debconf template translation
* Drop the fileutils dependency, and thus no longer care about backports to
  woody.
  Closes: #368723: openswan: Cleanup of dependencies (fileutils)

14. By Rene Mayrhofer <email address hidden>

* New upstream release.
  Closes: #335074: openswan: ipsec.conf manpage doesn't include
                  {left|right}sourceip
  Closes: #357718: ipsec.conf(5): automatic and manual keying options are
                   not disjoint
  Closes: #357708: openswan: ipsec.secrets(5) does not document X.509 format
* Include Portugese debconf translation.
  Closes: #426927: openswan: [INTL:pt] Portuguese translation for debconf
                   messages
* Also remove .gitignore files in addition to the other cruft when building
  the binary package.
  Closes: #413914: shipping gitignore file
                   /usr/share/doc/openswan/doc/.gitignore

13. By Steve Kowalik

Rebuild for the libcurl transition mess.

12. By Michael Bienia

Rebuild for libcurl3 -> libcurl4-openssl.

11. By Christian Perrier

* Non-maintainer upload to fix pending l10n issues.
* Debconf translations:
  - German. Closes: #406029
  - Czech. Closes: #408648
  - Galician. Closes: #413023

10. By Rene Mayrhofer <email address hidden>

* Acknowledge our-priority-are-the-users-thus-remove-docs NMU (nothing
  personal, but documentation usually tends to be useful).
  Closes: #390656
* Recommend linux-source instead of kernel-source.
  Closes: #394664: Recommends unavailable kernel-source
* Update Japanese debconf translation.
  Closes: #393176: openswan: [INTL:ja] Updated Japanese po-debconf
                   template translation (ja.po)
* Build-depend on po-debconf.
* Stop invoking /etc/init.d/ipsec directly in prerm. Use invoke-rc.d.

9. By Joey Hess <email address hidden>

* NMU
* Remove additional non-free draft RFCs from upstream tarball.
  Closes: #390656

8. By Steinar H. Gunderson

* Non-maintainer upload.
* debian/patches/01-ipcomp_hippi.dpatch: Fix net/ipsec/ipcomp.c so it no
  longer attempts to copy the "private" field of a struct_skbuff when
  CONFIG_HIPPI is enabled; it was removed after 2.6.13, and this broke
  compilation with 2.6.16, linux-patch-openswan and CONFIG_HIPPI.
  (Closes: #363375)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/precise/openswan
This branch contains Public information 
Everyone can see this information.

Subscribers