[ Christian Ehrhardt ]
* d/control: Mention mgf1 plugin which is in libstrongswan now
* Complete the disabling of libfast
* Clean up d/strongswan-starter.postinst: section about runlevel changes
* Clean up d/strongswan-starter.postinst: opportunistic encryption
* Enable kernel-libipsec for use of strongswan in containers
* d/control, d/libcharon-{extras,extauth}-plugins.install: Add
extauth-plugins package (Recommends)
* apparmor: d/usr.lib.ipsec.charon: sync notify rule from charon-systemd
* apparmor: fix apparmor denies reading the own FDs (LP: 1786250)
* apparmor: d/usr.sbin.charon-systemd: allow CLUSTERIP for ha plugin
(LP: 1773956)
* apparmor: d/usr.lib.ipsec.stroke: executables need to be able to read map
and execute themselves
* apparmor: d/usr.lib.ipsec.lookip: executables need to be able to read map
and execute themselves
* apparmor: d/usr.sbin.swanctl: add apparmor rule for af-alg plugin
(LP: 1807962)
* d/control: libtpmtss is actually packaged in libstrongswan-extra-plugins
[ Ryan Harper ]
* Remove code related to unused debconf managed config
[ Yves-Alexis Perez ]
* ship xfrmi only on Linux, fix FTBFS on kfreebsd
* d/libcharon-extra-plugins.install: drop plugins disabled in Debian
* d/control: update standards version to 4.4.1
* d/strongswan-starter.templates: drop runlevel_changes
* let dh_installinit handle update-rc.d calls
* d/salsa-ci.yml: add a salsa pipeline config
* d/rules: drop dbgsym migration
* strongswan-starter: update line number in lintian override
[ Christian Ehrhardt ]
* Fix fails in debian CI (Closes: #926479)
[ Simon Deziel ]
* d/usr.lib.ipsec.charon, d/usr.sbin.charon-systemd: add CAP_SETPCAP to
apparmor to allow dropping caps
* d/usr.sbin.swanctl: add attach_disconnected to work inside containers
* d/usr.sbin.charon-systemd: allow accessing the binary
* d/usr.sbin.swanctl: allow reading own binary
* Merge with Debian unstable. Remaining changes:
- d/control: strongswan-starter hard-depends on strongswan-charon,
therefore bump the dependency from Recommends to Depends. At the same
time avoid a circular dependency by dropping
strongswan-charon->strongswan-starter from Depends to Recommends as the
binaries can work without the services but not vice versa.
- re-add post-quantum encryption algorithm (NTRU) (LP: 1863749)
+ d/control: mention plugins in package description
+ d/rules: enable ntru at build time
+ d/libstrongswan-extra-plugins.install: ship config and shared objects
- Re-enable eap-{dynamic,peap} libcharon plugins (LP: 1878887)
+ d/control: update libcharon-extra-plugins description.
+ d/libcharon-extra-plugins.install: install .so and conf files.
+ d/rules: add plugins to the configuration arguments.
- Remove conf files of plugins removed from libcharon-extra-plugins
+ The conf file of the following plugins were removed: eap-aka-3gpp2, eap-sim-file, eap-sim-pcsc, eap-sim, eap-simaka-pseudonym, eap-simaka-reauth, eap-simaka-sql, xauth-noauth.
+ Created d/libcharon-extra-plugins.maintscript to handle the removals
properly.
-- Christian Ehrhardt <email address hidden> Tue, 19 Jan 2021 12:39:11 +0100
Scheduled-For: 22.12
Upstream: tbd
Debian: 5.9.1-1
Ubuntu: 5.9.1-1ubuntu3
Debian typically updates strongswan every 1 months on average, but it was last updated 20.11 and looks overdue. Check back in on this monthly.
No release expected for strongswan this cycle
### New Debian Changes ###
strongswan (5.9.1-1) unstable; urgency=medium
* New upstream version 5.9.1
* d/patches: rebase against new upstream version
* d/watch: update to version 4
-- Yves-Alexis Perez <email address hidden> Wed, 11 Nov 2020 17:54:34 +0100
strongswan (5.9.0-1) unstable; urgency=medium
* New upstream version 5.9.0
-- Yves-Alexis Perez <email address hidden> Thu, 17 Sep 2020 10:21:30 +0200
strongswan (5.8.4-1) unstable; urgency=medium
* New upstream version 5.8.4 (Closes: #956446)
* d/rules: drop --as-needed from linker flags
* d/control: update standards version to 4.5.0
-- Yves-Alexis Perez <email address hidden> Thu, 30 Apr 2020 08:57:26 +0200
strongswan (5.8.2-2) unstable; urgency=medium
* d/control: replace libip{4,6}tc-dev by libiptc-dev (Closes: #951016)
* d/copyright updated
-- Yves-Alexis Perez <email address hidden> Thu, 13 Feb 2020 22:46:40 +0100
strongswan (5.8.2-1) unstable; urgency=medium
[ Jean-Michel Vourgère ]
* README.Debian: Fixed typo
[ Yves-Alexis Perez ]
* d/control: replace iptables-dev b-dep by libip{4,6}tc-dev (Closes: #946148)
* d/watch: use uscan special strings
* New upstream version 5.8.2
* d/control: update dh compat level to 12
* strongswan-nm: update path for dbus service file
* install DRBG plugin to libstrongswan
* d/control: add ${misc:Pre-Depends} to strongswan-starter
-- Yves-Alexis Perez <email address hidden> Wed, 01 Jan 2020 14:35:46 +0100
strongswan (5.8.1-1) unstable; urgency=medium
* d/rules: disable http and stream tests under CI
* New upstream version 5.8.1
-- Yves-Alexis Perez <email address hidden> Fri, 18 Oct 2019 16:44:27 +0200
strongswan (5.8.0-2) unstable; urgency=medium
[ Christian Ehrhardt ] starter. postinst: section about runlevel changes starter. postinst: opportunistic encryption {extras, extauth} -plugins. install: Add ipsec.charon: sync notify rule from charon-systemd charon- systemd: allow CLUSTERIP for ha plugin ipsec.stroke: executables need to be able to read map ipsec.lookip: executables need to be able to read map extra-plugins
* d/control: Mention mgf1 plugin which is in libstrongswan now
* Complete the disabling of libfast
* Clean up d/strongswan-
* Clean up d/strongswan-
* Enable kernel-libipsec for use of strongswan in containers
* d/control, d/libcharon-
extauth-plugins package (Recommends)
* apparmor: d/usr.lib.
* apparmor: fix apparmor denies reading the own FDs (LP: 1786250)
* apparmor: d/usr.sbin.
(LP: 1773956)
* apparmor: d/usr.lib.
and execute themselves
* apparmor: d/usr.lib.
and execute themselves
* apparmor: d/usr.sbin.swanctl: add apparmor rule for af-alg plugin
(LP: 1807962)
* d/control: libtpmtss is actually packaged in libstrongswan-
[ Ryan Harper ]
* Remove code related to unused debconf managed config
[ Yves-Alexis Perez ] extra-plugins. install: drop plugins disabled in Debian starter. templates: drop runlevel_changes
* ship xfrmi only on Linux, fix FTBFS on kfreebsd
* d/libcharon-
* d/control: update standards version to 4.4.1
* d/strongswan-
* let dh_installinit handle update-rc.d calls
* d/salsa-ci.yml: add a salsa pipeline config
* d/rules: drop dbgsym migration
* strongswan-starter: update line number in lintian override
-- Yves-Alexis Perez <email address hidden> Sat, 05 Oct 2019 15:03:59 +0200
strongswan (5.8.0-1) unstable; urgency=medium
[ Christian Ehrhardt ]
* Fix fails in debian CI (Closes: #926479)
[ Simon Deziel ] ipsec.charon, d/usr.sbin. charon- systemd: add CAP_SETPCAP to charon- systemd: allow accessing the binary
* d/usr.lib.
apparmor to allow dropping caps
* d/usr.sbin.swanctl: add attach_disconnected to work inside containers
* d/usr.sbin.
* d/usr.sbin.swanctl: allow reading own binary
### Old Ubuntu Delta ###
strongswan (5.9.1-1ubuntu3) impish; urgency=medium
* Compile the tpm plugin against the tpm2 software stack (tss2)
(Debian packaging cherry-pick, LP: #1940079)
- d/rules: add the --enable-tss-tss2 configure flag
- d/control: add Build-Depends: libtss2-dev
-- Paride Legovini <email address hidden> Thu, 16 Sep 2021 11:40:38 +0200
strongswan (5.9.1-1ubuntu2) impish; urgency=medium
* No-change rebuild due to OpenLDAP soname bump.
-- Sergio Durigan Junior <email address hidden> Mon, 21 Jun 2021 18:09:22 -0400
strongswan (5.9.1-1ubuntu1) hirsute; urgency=medium
* Merge with Debian unstable. Remaining changes: n-charon- >strongswan- starter from Depends to Recommends as the -extra- plugins. install: ship config and shared objects extra-plugins description. extra-plugins. install: install .so and conf files. extra-plugins
eap-sim- file, eap-sim-pcsc, eap-sim, eap-simaka- pseudonym,
eap-simaka- reauth, eap-simaka-sql, xauth-noauth. extra-plugins. maintscript to handle the removals
- d/control: strongswan-starter hard-depends on strongswan-charon,
therefore bump the dependency from Recommends to Depends. At the same
time avoid a circular dependency by dropping
strongswa
binaries can work without the services but not vice versa.
- re-add post-quantum encryption algorithm (NTRU) (LP: 1863749)
+ d/control: mention plugins in package description
+ d/rules: enable ntru at build time
+ d/libstrongswan
- Re-enable eap-{dynamic,peap} libcharon plugins (LP: 1878887)
+ d/control: update libcharon-
+ d/libcharon-
+ d/rules: add plugins to the configuration arguments.
- Remove conf files of plugins removed from libcharon-
+ The conf file of the following plugins were removed: eap-aka-3gpp2,
+ Created d/libcharon-
properly.
-- Christian Ehrhardt <email address hidden> Tue, 19 Jan 2021 12:39:11 +0100