Comment 0 for bug 1946905

Scheduled-For: 22.12
Upstream: tbd
Debian: 5.9.1-1
Ubuntu: 5.9.1-1ubuntu3

Debian typically updates strongswan every 1 months on average, but it was last updated 20.11 and looks overdue. Check back in on this monthly.

No release expected for strongswan this cycle

### New Debian Changes ###

strongswan (5.9.1-1) unstable; urgency=medium

  * New upstream version 5.9.1
  * d/patches: rebase against new upstream version
  * d/watch: update to version 4

 -- Yves-Alexis Perez <email address hidden> Wed, 11 Nov 2020 17:54:34 +0100

strongswan (5.9.0-1) unstable; urgency=medium

  * New upstream version 5.9.0

 -- Yves-Alexis Perez <email address hidden> Thu, 17 Sep 2020 10:21:30 +0200

strongswan (5.8.4-1) unstable; urgency=medium

  * New upstream version 5.8.4 (Closes: #956446)
  * d/rules: drop --as-needed from linker flags
  * d/control: update standards version to 4.5.0

 -- Yves-Alexis Perez <email address hidden> Thu, 30 Apr 2020 08:57:26 +0200

strongswan (5.8.2-2) unstable; urgency=medium

  * d/control: replace libip{4,6}tc-dev by libiptc-dev (Closes: #951016)
  * d/copyright updated

 -- Yves-Alexis Perez <email address hidden> Thu, 13 Feb 2020 22:46:40 +0100

strongswan (5.8.2-1) unstable; urgency=medium

  [ Jean-Michel Vourgère ]
  * README.Debian: Fixed typo

  [ Yves-Alexis Perez ]
  * d/control: replace iptables-dev b-dep by libip{4,6}tc-dev (Closes: #946148)
  * d/watch: use uscan special strings
  * New upstream version 5.8.2
  * d/control: update dh compat level to 12
  * strongswan-nm: update path for dbus service file
  * install DRBG plugin to libstrongswan
  * d/control: add ${misc:Pre-Depends} to strongswan-starter

 -- Yves-Alexis Perez <email address hidden> Wed, 01 Jan 2020 14:35:46 +0100

strongswan (5.8.1-1) unstable; urgency=medium

  * d/rules: disable http and stream tests under CI
  * New upstream version 5.8.1

 -- Yves-Alexis Perez <email address hidden> Fri, 18 Oct 2019 16:44:27 +0200

strongswan (5.8.0-2) unstable; urgency=medium

  [ Christian Ehrhardt ]
  * d/control: Mention mgf1 plugin which is in libstrongswan now
  * Complete the disabling of libfast
  * Clean up d/strongswan-starter.postinst: section about runlevel changes
  * Clean up d/strongswan-starter.postinst: opportunistic encryption
  * Enable kernel-libipsec for use of strongswan in containers
  * d/control, d/libcharon-{extras,extauth}-plugins.install: Add
    extauth-plugins package (Recommends)
  * apparmor: d/usr.lib.ipsec.charon: sync notify rule from charon-systemd
  * apparmor: fix apparmor denies reading the own FDs (LP: 1786250)
  * apparmor: d/usr.sbin.charon-systemd: allow CLUSTERIP for ha plugin
    (LP: 1773956)
  * apparmor: d/usr.lib.ipsec.stroke: executables need to be able to read map
    and execute themselves
  * apparmor: d/usr.lib.ipsec.lookip: executables need to be able to read map
    and execute themselves
  * apparmor: d/usr.sbin.swanctl: add apparmor rule for af-alg plugin
    (LP: 1807962)
  * d/control: libtpmtss is actually packaged in libstrongswan-extra-plugins

  [ Ryan Harper ]
  * Remove code related to unused debconf managed config

  [ Yves-Alexis Perez ]
  * ship xfrmi only on Linux, fix FTBFS on kfreebsd
  * d/libcharon-extra-plugins.install: drop plugins disabled in Debian
  * d/control: update standards version to 4.4.1
  * d/strongswan-starter.templates: drop runlevel_changes
  * let dh_installinit handle update-rc.d calls
  * d/salsa-ci.yml: add a salsa pipeline config
  * d/rules: drop dbgsym migration
  * strongswan-starter: update line number in lintian override

 -- Yves-Alexis Perez <email address hidden> Sat, 05 Oct 2019 15:03:59 +0200

strongswan (5.8.0-1) unstable; urgency=medium

  [ Christian Ehrhardt ]
  * Fix fails in debian CI (Closes: #926479)

  [ Simon Deziel ]
  * d/usr.lib.ipsec.charon, d/usr.sbin.charon-systemd: add CAP_SETPCAP to
    apparmor to allow dropping caps
  * d/usr.sbin.swanctl: add attach_disconnected to work inside containers
  * d/usr.sbin.charon-systemd: allow accessing the binary
  * d/usr.sbin.swanctl: allow reading own binary

### Old Ubuntu Delta ###

strongswan (5.9.1-1ubuntu3) impish; urgency=medium

  * Compile the tpm plugin against the tpm2 software stack (tss2)
    (Debian packaging cherry-pick, LP: #1940079)
    - d/rules: add the --enable-tss-tss2 configure flag
    - d/control: add Build-Depends: libtss2-dev

 -- Paride Legovini <email address hidden> Thu, 16 Sep 2021 11:40:38 +0200

strongswan (5.9.1-1ubuntu2) impish; urgency=medium

  * No-change rebuild due to OpenLDAP soname bump.

 -- Sergio Durigan Junior <email address hidden> Mon, 21 Jun 2021 18:09:22 -0400

strongswan (5.9.1-1ubuntu1) hirsute; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/control: strongswan-starter hard-depends on strongswan-charon,
      therefore bump the dependency from Recommends to Depends. At the same
      time avoid a circular dependency by dropping
      strongswan-charon->strongswan-starter from Depends to Recommends as the
      binaries can work without the services but not vice versa.
    - re-add post-quantum encryption algorithm (NTRU) (LP: 1863749)
      + d/control: mention plugins in package description
      + d/rules: enable ntru at build time
      + d/libstrongswan-extra-plugins.install: ship config and shared objects
    - Re-enable eap-{dynamic,peap} libcharon plugins (LP: 1878887)
      + d/control: update libcharon-extra-plugins description.
      + d/libcharon-extra-plugins.install: install .so and conf files.
      + d/rules: add plugins to the configuration arguments.
    - Remove conf files of plugins removed from libcharon-extra-plugins
      + The conf file of the following plugins were removed: eap-aka-3gpp2,
        eap-sim-file, eap-sim-pcsc, eap-sim, eap-simaka-pseudonym,
        eap-simaka-reauth, eap-simaka-sql, xauth-noauth.
      + Created d/libcharon-extra-plugins.maintscript to handle the removals
        properly.

 -- Christian Ehrhardt <email address hidden> Tue, 19 Jan 2021 12:39:11 +0100