Publishing details
Changelog
strongswan (5.9.11-1ubuntu1) mantic; urgency=medium
* Merge with Debian unstable (LP: #2018113). Remaining changes:
- d/control: strongswan-starter hard-depends on strongswan-charon,
therefore bump the dependency from Recommends to Depends. At the same
time avoid a circular dependency by dropping
strongswan-charon->strongswan-starter from Depends to Recommends as the
binaries can work without the services but not vice versa.
- re-add post-quantum encryption algorithm (NTRU) (LP #1863749)
+ d/control: mention plugins in package description
+ d/rules: enable ntru at build time
+ d/libstrongswan-extra-plugins.install: ship config and shared objects
- Re-enable eap-{dynamic,peap} libcharon plugins (LP #1878887)
+ d/control: update libcharon-extra-plugins description.
+ d/libcharon-extra-plugins.install: install .so and conf files.
+ d/rules: add plugins to the configuration arguments.
- Remove conf files of plugins removed from libcharon-extra-plugins
+ The conf file of the following plugins were removed: eap-aka-3gpp2,
eap-sim-file, eap-sim-pcsc, eap-sim, eap-simaka-pseudonym,
eap-simaka-reauth, eap-simaka-sql, xauth-noauth.
+ Created d/libcharon-extra-plugins.maintscript to handle the removals
properly.
- d/t/{control,host-to-host,utils}: new host-to-host test
(LP #1999525)
- d/usr.sbin.swanctl: allow "m" flag for /usr/sbin/swanctl
(LP #1999935)
* Dropped:
- SECURITY UPDATE: Incorrectly Accepted Untrusted Public Key With
Incorrect Refcount
+ debian/patches/CVE-2023-26463.patch: fix authentication bypass and
expired pointer dereference in src/libtls/tls_server.c.
+ CVE-2023-26463
[Fixed upstream in 5.9.10]
-- Andreas Hasenack <email address hidden> Fri, 23 Jun 2023 14:05:18 -0300
Builds
Built packages
-
charon-cmd
standalone IPsec client
-
charon-cmd-dbgsym
debug symbols for charon-cmd
-
charon-systemd
strongSwan IPsec client, systemd support
-
charon-systemd-dbgsym
debug symbols for charon-systemd
-
libcharon-extauth-plugins
strongSwan charon library (extended authentication plugins)
-
libcharon-extauth-plugins-dbgsym
debug symbols for libcharon-extauth-plugins
-
libcharon-extra-plugins
strongSwan charon library (extra plugins)
-
libcharon-extra-plugins-dbgsym
debug symbols for libcharon-extra-plugins
-
libstrongswan
strongSwan utility and crypto library
-
libstrongswan-dbgsym
debug symbols for libstrongswan
-
libstrongswan-extra-plugins
strongSwan utility and crypto library (extra plugins)
-
libstrongswan-extra-plugins-dbgsym
debug symbols for libstrongswan-extra-plugins
-
libstrongswan-standard-plugins
strongSwan utility and crypto library (standard plugins)
-
libstrongswan-standard-plugins-dbgsym
debug symbols for libstrongswan-standard-plugins
-
strongswan
IPsec VPN solution metapackage
-
strongswan-charon
strongSwan Internet Key Exchange daemon
-
strongswan-charon-dbgsym
debug symbols for strongswan-charon
-
strongswan-libcharon
strongSwan charon library
-
strongswan-libcharon-dbgsym
debug symbols for strongswan-libcharon
-
strongswan-nm
strongSwan plugin to interact with NetworkManager
-
strongswan-nm-dbgsym
debug symbols for strongswan-nm
-
strongswan-pki
strongSwan IPsec client, pki command
-
strongswan-pki-dbgsym
debug symbols for strongswan-pki
-
strongswan-starter
strongSwan daemon starter and configuration file parser
-
strongswan-starter-dbgsym
debug symbols for strongswan-starter
-
strongswan-swanctl
strongSwan IPsec client, swanctl command
-
strongswan-swanctl-dbgsym
debug symbols for strongswan-swanctl
Package files