Package: vpnc Version: 0.5.3+git20210125-1
Hi Andreas, the canonical way would be to open a bug against vpnc in the Debian BTS, which I'm doing right now (Cc:). I've had a brief look at the current upstream git version, and I think it should be easy to update the Debian package. However, as I've lost access to any ipsec VPN concentrator, once it compiles I have no way to test the resulting package. Do you know of any publicly available services, by chance? I guess I should make it more clear that I need to pass on maintenance of vpnc in Debian... Florian On Tue, May 10, 2022 at 02:59:56PM +0200, Andreas Erhard wrote: > Hi Florian, > > thank you very much for maintaining so many Debian packages. Concerning the > VPN-Client vpnc, I'd have an update proposal and could not find another > point of contact (such as "report outdated package" for Arch Linux) so > sorry for bothering you with this request. > > In the latest version, vpnc supports way stronger key exchange security. The > Modular Exponential (MODP) Diffie-Hellman groups 14 to 18 (2048 bits to 8192 > bits) as specified in RFC3526 are now supported. We also tested the enhanced > key exchange on a Cisco IPSec VPN appliance. > > The new version is already packaged in the extra repo for Arch Linux[1], > I've opened an issue for OpenWRT[2] as well which is pending at the moment. > > As the patches greatly improve the security and interoperability of vpnc, it > would be great to get this update included in Debian. How would be the best > procedure for that? > > Thank you very much, best regards from Tyrol > > Andreas Erhard > > [1] https://archlinux.org/packages/?name=vpnc > [2] https://github.com/openwrt/packages/issues/18477
