Re: Getting openswan 2.2.0 back into sarge
On Mar 24, 2005, at 2:39 AM, Rene Mayrhofer wrote: Hi all, [Please CC me in replies, I am currently not subscribed to this list.] As some have already noticed, openswan has been removed from testing a while ago, most probably because of bug #291274, which did not apply to package version 2.2.0-4 (the one that has been removed from testing). There are other problems with the 2.2.0 version such as #261892 which effectively cripples the network stack. -- Jamin W. Collins -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Getting openswan 2.2.0 back into sarge
Hi all, [Please CC me in replies, I am currently not subscribed to this list.] As some have already noticed, openswan has been removed from testing a while ago, most probably because of bug #291274, which did not apply to package version 2.2.0-4 (the one that has been removed from testing). As 2.3.0 upstream is currently not production quality (this is my personal opinion, since it basically triggers a DoS on 2.2.0 installations, cf. #292132), I did not work on getting it into testing. Of course, I have to admit that I have been lazy in not filing a RC bug report to prevent it from entering testing and fixing this bug. However, it looked like 2.3.1 might get released soon at that time, so I had decided to wait for it and push it into testing as soon as the new upstream is there. At the moment, 2.3.1 is nowhere to be seen and I would really like to have a working (and not DoS-triggering) openswan in testing. My current intention would be to get 2.2.0-4 back into testing, which worked well in all of my own tests (I am still using that particular version on many production boxes) and does not seem to be broken for other users. What is the general opinion on that? with best regards, Rene -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Getting openswan 2.2.0 back into sarge
Rene Mayrhofer wrote: Hi all, [Please CC me in replies, I am currently not subscribed to this list.] As some have already noticed, openswan has been removed from testing a while ago, most probably because of bug #291274, which did not apply to package version 2.2.0-4 (the one that has been removed from testing). As 2.3.0 You should have tagged the RC bug Sid. upstream is currently not production quality (this is my personal opinion, since it basically triggers a DoS on 2.2.0 installations, cf. #292132), I did Doesn't this mean that 2.2.0 is NOT release quality? It is a security problem if you can trigger a DoS on a package. not work on getting it into testing. Of course, I have to admit that I have been lazy in not filing a RC bug report to prevent it from entering testing and fixing this bug. However, it looked like 2.3.1 might get released soon at that time, so I had decided to wait for it and push it into testing as soon as the new upstream is there. At the moment, 2.3.1 is nowhere to be seen and I would really like to have a working (and not DoS-triggering) openswan in testing. My current intention would be to get 2.2.0-4 back into testing, which worked well in all of my own tests (I am still using that particular version on many production boxes) and does not seem to be broken for other users. What is the general opinion on that? The first step is to remove the current version from testing if it is not production quality. The second step is to locate the DoS problem in 2.2.0 The final step is to upload 1:2.2.0 or similar to unstable and wait for it to get to testing. - Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
