Your message dated Fri, 28 Sep 2018 00:06:11 +0000
with message-id <[email protected]>
and subject line Bug#909291: fixed in libreswan 3.26-1
has caused the Debian Bug report #909291,
regarding libreswan: new upstream version 3.26 needs packaging
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
909291: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909291
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libreswan
Version: 3.25-2
Severity: wishlist
libreswan published version 3.26 a couple days ago. We should get it
packaged for debian.
--dkg
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The Libreswan Project has released libreswan-3.26
This is a feature release with some minor bugfixes
New Features:
* Support for RSA-PSS (RFC 7427) via authby=rsa-sha2
* Support for ECDSA (RFC 7427) via authby=ecdsa-sha2
* Support for CHACHA20POLY1305 for IKE and ESP
Bugfixes:
* Fix optional key-length regression (in v3.25) with ESP proposal
* Be lenient with DH components in ESP when pfs=no
* Don't do bogus XAUTH message padding
* Fix traffic selector lookup for asymmetric conns
You can download libreswan via https at:
https: //download.libreswan.org/libreswan-3.26.tar.gz
https: //download.libreswan.org/libreswan-3.26.tar.gz.asc
The full changelog is available at:
https: //download.libreswan.org/CHANGES
Please report bugs either via one of the mailinglists or at our bug tracker:
https: //lists.libreswan.org/
https: //bugs.libreswan.org/
Binary packages for RHEL/EPEL and Debian/Ubuntu can be found at
https: //download.libreswan.org/binaries/
Binary packages for Fedora and Debian should be available in their respective
repositories a few days after this release.
See also https://libreswan.org/
v3.26 (September 16, 2018)
* IKEv2: Support for RSA-PSS (RFC 7427) via authby=rsa-sha2 [Sahana Prasad]
* IKEv2: Support for ECDSA (RFC 7427) via authby=ecdsa-sha2 [Sahana Prasad]
* IKEv2: Use DER handling code of NSS instead of our custom code [Andrew]
* IKEv2: Fix core dump when impaired and proposing esp=null-none [Andrew]
* IKEv2: Fix traffic selector lookup for asymmetric conns [Andrew/Paul]
* IKEv2: Add IKE and ESP support for chacha20poly1305 (RFC 7634) [Andrew]
* IKEv2: Fix leaks in ikev2_calculate_rsa_hash [Hugh]
* IKEv2: Simplify proposal generating [Hugh]
* IKEv1: Fix handling XAUTH empty passwords [Andrew]
* IKEv1: Fix XAUTH message padding [Hugh]
* IKEv1: Various code cleanup, next payload handling [Hugh]
* IKEv1: fix optional key-length regression (in v3.25) with ESP prop [Andrew]
* IKEv1: Don't delete replaced IKE SA, it confuses third party clients [Paul]
* pluto: Relax strictness of DH in ESP/AH proposals [Andrew]
* pluto: Fix for two roadwarriors using ID_IPv4 behind same NAT [Paul]
* pluto: Do not hand out old lease address for authby=secret conns [Paul]
* pluto: new --selftest option that exits pluto after startup tests [Paul]
* pluto: Updated known Vendor ID table [Paul]
* XFRM: Don't call init_pfkey() on boot so Linux upstream can kill it [Andrew]
*_unbound-hook: Fixup adding IPv4 pubkey, unbound now quotes arg as 1 [Paul]
* building: Fix listed patches for debian build [Paul]
* building: enable DH31 (curve25519) per default [Paul]
* testing: prepare to migrate from f22 to f28 [Andrew, Antony, Paul]
* Bugtracker bugs fixed:
#166 IPsec/XAuth reusing lease for multiple clients behind same NAT [Paul]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBCgAGBQJbnyw4AAoJEIX/S0OzD8b5bsEP/Rb6SXkqFzW0N9o8pnurNwSl
LVDF2c3GwjGs0jHSvTlf5wKK5PTgDX18OxXb31rcQeivGLgv6wlgCynmqYiVxVMZ
gm7mjulC15PEI+DvGztRCDvYGBVMFr+lqVHYV8f25/InB0JW0bHE84TJRrudY9mV
xQBuyFHfv8eCHpYmjEz90wTHe6+9iXJPRlKcFZDxzZgLySgSlrVwnJ9Q32xrNrbC
WYBM4QjVAqgb4gLf7tOv7regMVP//YPaf1Xc9rbqYi6abdW4oNy8zS8N1ZkEYbo1
Ek7O8fcOeol5cSiF//G8z3gEZILlzFn1if3NQW0BrTiF2XQ7Z7tUUBpI9vCyH4Pw
5vOeaqrLUY4MZivxBdRiKYlZeBIdO+vT0VOpiyngjt6JS7MD72dHn4Tf+6rz9vbV
LyPeHVb+6JizqxJByI32Bn6O68u3uZ56VyJp8ATKLw51ii9IsMg+nwnS/DiSNgyp
irYNxYnRb5rChcP5qpLKsuB4kbGIu0ZTu1/e9cuvcYYNl/HSBcGyWpEuSbwJFL22
rskDEdCe9hhO0lcDFLZKljz6w4KkBS771kAP4J+XbIsoElHUjeiMU5oKDx+tsPZR
EE3vnv/58Mr6w8qNtCYE/sdoghRbCFHgyj0rOHV8Fr9V26RHNX8TQS5k80oVRzfj
kTmUHI2DQog0VqJ9LJi6
=MALs
-----END PGP SIGNATURE-----
_______________________________________________
Swan-announce mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-announce
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
--- End Message ---
--- End Message ---
--- Begin Message ---
Source: libreswan
Source-Version: 3.26-1
We believe that the bug you reported is fixed in the latest version of
libreswan, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Kahn Gillmor <[email protected]> (supplier of updated libreswan
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 27 Sep 2018 19:24:35 -0400
Source: libreswan
Binary: libreswan
Architecture: source
Version: 3.26-1
Distribution: unstable
Urgency: medium
Maintainer: Daniel Kahn Gillmor <[email protected]>
Changed-By: Daniel Kahn Gillmor <[email protected]>
Description:
libreswan - Internet Key Exchange daemon
Closes: 909291
Changes:
libreswan (3.26-1) unstable; urgency=medium
.
* new upstream release (Closes: #909291)
* refresh patches
* import two patches from upstream to avoid FTBFS
Checksums-Sha1:
711a13c6a9da1fb6f7760a6809fa8142a5f46428 1973 libreswan_3.26-1.dsc
4d7088288f53f9f60d12e20bb358a6149843fec9 3706205 libreswan_3.26.orig.tar.gz
84c5dd5f4d82df816715bfa4dbdb204968e0ad10 801 libreswan_3.26.orig.tar.gz.asc
8f9aba0aed9e1961a8a5d1aeea51caad47018400 15052 libreswan_3.26-1.debian.tar.xz
3cf116d2f8ace9d7bae29d46c5154752065c13d1 10412 libreswan_3.26-1_amd64.buildinfo
Checksums-Sha256:
7cfd9c230f10ec9f0ca0ac7bc8248f6bc245b38d93e7fde68c3cafc6eb96add0 1973
libreswan_3.26-1.dsc
16bc9dced31f8ecfabad55d31823f37f18dcdb3e0acae79b17acf14278f2dcc1 3706205
libreswan_3.26.orig.tar.gz
563f2753d4e0c4b08b3cba57074f09edcf91d3f747a8042183ba1b3c6366fa17 801
libreswan_3.26.orig.tar.gz.asc
c6dc9aff386a464ca5e60be1475c04dc819d222039e5361ababb2046b4811e8f 15052
libreswan_3.26-1.debian.tar.xz
0d73e3b1e5936eb7588f062211255eb73adb49d229a85c625b616775af76aeff 10412
libreswan_3.26-1_amd64.buildinfo
Files:
a10d4e83a97813971e69adffca3669ff 1973 net optional libreswan_3.26-1.dsc
941cdac614cd6450f9e20820fe22c5fc 3706205 net optional
libreswan_3.26.orig.tar.gz
042ce5b08313f73cf32aea76af6163cc 801 net optional
libreswan_3.26.orig.tar.gz.asc
132e8df4768125092b9ffdc14d0f7981 15052 net optional
libreswan_3.26-1.debian.tar.xz
ad3a97c1091b1952e320450add07764d 10412 net optional
libreswan_3.26-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iHUEARYKAB0WIQTTaP514aqS9uSbmdJsHx7ezFD6UwUCW61pBQAKCRBsHx7ezFD6
UwZCAQC7k5lqfdOJ2nfrfLfcY0LSRW8+9UHbM3wlGXYn+nNv1QEA0JPB8hqBSMWY
ODqwyHaiBi3z2eXv+EdPv0/KaD8mywQ=
=0JSH
-----END PGP SIGNATURE-----
--- End Message ---
