Merge strongswan from Debian Unstable for questing
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| strongswan (Ubuntu) |
Fix Released
|
Undecided
|
Lukas Märdian | ||
Bug Description
Scheduled-For: ubuntu-25.06
Ubuntu: 5.9.13-2ubuntu4
Debian Unstable: 6.0.1-1
A new release of strongswan is available for merging from Debian Unstable.
If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.
If this merge pulls in a new upstream version, also consider adding an entry to the questing Release Notes: https:/
### New Debian Changes ###
strongswan (6.0.1-1) unstable; urgency=medium
* d/control: revert strongswan-charon to strongswan-starter dependency
(Closes: #1098714)
* New upstream version 6.0.1
- fix regression in DHCP handling (Closes: #1098857)
* d/strongswan-
-- Yves-Alexis Perez <email address hidden> Fri, 14 Mar 2025 18:55:38 +0100
strongswan (6.0.0-2) unstable; urgency=medium
* debian/tests: update tests dependencies for metapackage changes
* d/control: add breaks/replaces on libstrongswan to
libstrongsw
* d/control: add conflicts between strongswan-charon and charon-systemd
-- Yves-Alexis Perez <email address hidden> Fri, 21 Feb 2025 17:56:35 +0100
strongswan (6.0.0-1) unstable; urgency=medium
[ Carles Pina i Estany ]
* Added po-debconf Catalan translation
[ Yves-Alexis Perez ]
* New upstream version 6.0.0
* d/patches: rebase against new upstream
* handle removal of bliss and ntru plugins
* d/control: drop breaks/replaces against 5.5 version
* d/rules: force-enable curve25519 plugin
* Enable some upstream-disabled plugin but move them to -extra-plugin
* move openssl plugin to libstrongswan package
* d/control: update pkg-config b-dep to pkgconf
* d/control: update strongswan metapackage to switch from strongswan-starter
to strongswan-swanctl (Closes: #1085384)
* d/copyright updated for new release (Closes: #1039527)
* d/control: drop conflict with openswan, not in Debian anymore
* d/control: drop obsolete breaks/replaces
* move pgp plugin to the -extra-plugins package
* move sshkey plugin to the -standard-plugin package
* move kdf and xcbc plugins to the -extra-plugins package
* move fips-prf to the -extra-plugins package
* update NEWS with info about the plugins moves
* d/control: update standards version to 4.7.1
-- Yves-Alexis Perez <email address hidden> Fri, 21 Feb 2025 14:09:27 +0100
### Old Ubuntu Delta ###
strongswan (5.9.13-2ubuntu4) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- William Grant <email address hidden> Mon, 01 Apr 2024 15:55:30 +1100
strongswan (5.9.13-2ubuntu3) noble; urgency=medium
* No-change rebuild against libcurl4t64
-- Steve Langasek <email address hidden> Sat, 16 Mar 2024 07:03:41 +0000
strongswan (5.9.13-2ubuntu2) noble; urgency=medium
* No-change rebuild against libssl3t64
-- Steve Langasek <email address hidden> Mon, 04 Mar 2024 21:28:04 +0000
strongswan (5.9.13-2ubuntu1) noble; urgency=medium
* Merge with Debian unstable (LP: #2050099). Remaining changes:
- d/control: strongswan-starter hard-depends on strongswan-charon,
therefore bump the dependency from Recommends to Depends. At the same
time avoid a circular dependency by dropping
strongswa
binaries can work without the services but not vice versa.
- re-add post-quantum encryption algorithm (NTRU) (LP #1863749)
+ d/control: mention plugins in package description
+ d/rules: enable ntru at build time
+ d/libstrongswan
- Re-enable eap-{dynamic,peap} libcharon plugins (LP #1878887)
+ d/control: update libcharon-
+ d/libcharon-
+ d/rules: add plugins to the configuration arguments.
- Remove conf files of plugins removed from libcharon-
+ The conf file of the following plugins were removed: eap-aka-3gpp2,
+ Created d/libcharon-
properly.
- d/t/{control,
(LP #1999525)
- d/usr.sbin.swanctl: allow "m" flag for /usr/sbin/swanctl
(LP #1999935)
-- Andreas Hasenack <email address hidden> Mon, 22 Jan 2024 11:48:33 -0300
Related branches
- git-ubuntu bot: Approve
- Lena Voytek (community): Approve
- Canonical Server Reporter: Pending requested
- Canonical Server: Pending requested
- Canonical Server Core Reviewers: Pending requested
-
Diff: 2749 lines (+2466/-4)8 files modifieddebian/changelog (+1982/-0)
debian/control (+7/-3)
debian/libcharon-extra-plugins.install (+6/-0)
debian/rules (+2/-0)
debian/tests/control (+6/-0)
debian/tests/host-to-host (+401/-0)
debian/tests/utils (+61/-0)
debian/usr.sbin.swanctl (+1/-1)
CVE References
| Changed in strongswan (Ubuntu): | |
| milestone: | none → ubuntu-25.06 |
| Changed in strongswan (Ubuntu): | |
| assignee: | nobody → Andreas Hasenack (ahasenack) |
| Changed in strongswan (Ubuntu): | |
| assignee: | Andreas Hasenack (ahasenack) → Lukas Märdian (slyon) |
| milestone: | ubuntu-25.06 → ubuntu-25.07 |
| Changed in strongswan (Ubuntu): | |
| status: | New → In Progress |
| Changed in strongswan (Ubuntu): | |
| status: | In Progress → Fix Committed |
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in strongswan (Ubuntu): | |
| status: | Fix Committed → Fix Released |
This bug was fixed in the package strongswan - 6.0.1-6ubuntu2
---------------
strongswan (6.0.1-6ubuntu2) questing; urgency=medium
* Cherry-pick upstream commits to fix FTBFS with GCC-15 C23.
- debian/
strongswan (6.0.1-6ubuntu1) questing; urgency=medium
* Merge with Debian unstable (LP: #2110449). Remaining changes:
- d/control: strongswan-starter hard-depends on strongswan-charon,
therefore bump the dependency from Recommends to Depends. At the same
time avoid a circular dependency by dropping
strongswa
binaries can work without the services but not vice versa.
- Re-enable eap-{dynamic,peap} libcharon plugins (LP #1878887)
+ d/control: update libcharon-
+ d/libcharon-
+ d/rules: add plugins to the configuration arguments.
- d/t/{control,
(LP #1999525)
- d/usr.sbin.swanctl: allow "m" flag for /usr/sbin/swanctl
(LP #1999935)
* Drop changes:
- re-add post-quantum encryption algorithm (NTRU) (LP #1863749)
[ deprecated & dropped upstream as of 6.0.0 ]
- Remove conf files of plugins removed from libcharon-
[ Not relevant anymore after > 1 LTS cyle ]
strongswan (6.0.1-6) unstable; urgency=medium
* d/control: keep strongswan-charon and strongswan-starter as acceptable
dependencies for strongswan
(Closes: #1109510)
strongswan (6.0.1-5) unstable; urgency=medium
* autopkgtests: wait a bit to make sure daemons are started
strongswan (6.0.1-4) unstable; urgency=medium
* autopkgtest: make sure the charon daemon is started
strongswan (6.0.1-3) unstable; urgency=medium
* autopkgtest: daemon test also requires strongswan-charon
strongswan (6.0.1-2) unstable; urgency=medium
* autopkgtest: plugins uses the strongswan-starter service
* d/control: add conflicts against libreswan
strongswan (6.0.1-1) unstable; urgency=medium
* d/control: revert strongswan-charon to strongswan-starter dependency
(Closes: #1098714)
* New upstream version 6.0.1
- fix regression in DHCP handling (Closes: #1098857)
* d/strongswan-
strongswan (6.0.0-2) unstable; urgency=medium
* debian/tests: update tests dependencies for metapackage changes
* d/control: add breaks/replaces on libstrongswan to
libstrongsw
* d/control: add conflicts between strongswan-charon and charon-systemd
strongswan (6.0.0-1) unstable; urgency=medium
[ Carles Pina i Estany ]
* Added po-debconf Catalan translation
[ Yves-Alexis Perez ]
* New upstream version 6.0.0
* d/patches: rebase against new upstream
* handle removal of bliss and ntru plugins
* d/control: drop breaks/replaces against 5.5 version
* d/rules: force-enable curve25519 plugin
* Enable some upstream-disabled plugin but move them to -extra-plugin
* move openssl plugin to libstrongswan package
* d/control: update pkg-config b-dep to pkgconf
* d/control: update strongswan metapackage to sw...