[ubuntu/lunar-proposed] strongswan 5.9.8-3ubuntu1 (Accepted)

Andreas Hasenack andreas at canonical.com
Thu Dec 15 19:34:15 UTC 2022 

strongswan (5.9.8-3ubuntu1) lunar; urgency=medium

  * Merge with Debian unstable (LP: #1993449). Remaining changes:
    - d/control: strongswan-starter hard-depends on strongswan-charon,
      therefore bump the dependency from Recommends to Depends. At the same
      time avoid a circular dependency by dropping
      strongswan-charon->strongswan-starter from Depends to Recommends as the
      binaries can work without the services but not vice versa.
    - re-add post-quantum encryption algorithm (NTRU) (LP #1863749)
      + d/control: mention plugins in package description
      + d/rules: enable ntru at build time
      + d/libstrongswan-extra-plugins.install: ship config and shared objects
    - Re-enable eap-{dynamic,peap} libcharon plugins (LP #1878887)
      + d/control: update libcharon-extra-plugins description.
      + d/libcharon-extra-plugins.install: install .so and conf files.
      + d/rules: add plugins to the configuration arguments.
    - Remove conf files of plugins removed from libcharon-extra-plugins
      + The conf file of the following plugins were removed: eap-aka-3gpp2,
        eap-sim-file, eap-sim-pcsc, eap-sim, eap-simaka-pseudonym,
        eap-simaka-reauth, eap-simaka-sql, xauth-noauth.
      + Created d/libcharon-extra-plugins.maintscript to handle the removals
        properly.
  * Dropped:
    - SECURITY UPDATE: Using Untrusted URIs for Revocation Checking
      + debian/patches/CVE-2022-40617.patch: do online revocation checks only
        after basic trust chain validation in
        src/libstrongswan/credentials/credential_manager.c.
      + CVE-2022-40617
        [Included upstream in 5.9.8]
  * Added:
    - d/t/{control,host-to-host,utils}: new host-to-host test
      (LP: #1999525)

Date: Tue, 13 Dec 2022 11:04:24 -0300
Changed-By: Andreas Hasenack <andreas at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/strongswan/5.9.8-3ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 13 Dec 2022 11:04:24 -0300
Source: strongswan
Built-For-Profiles: noudeb
Architecture: source
Version: 5.9.8-3ubuntu1
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Andreas Hasenack <andreas at canonical.com>
Launchpad-Bugs-Fixed: 1993449 1999525
Changes:
 strongswan (5.9.8-3ubuntu1) lunar; urgency=medium
 .
   * Merge with Debian unstable (LP: #1993449). Remaining changes:
     - d/control: strongswan-starter hard-depends on strongswan-charon,
       therefore bump the dependency from Recommends to Depends. At the same
       time avoid a circular dependency by dropping
       strongswan-charon->strongswan-starter from Depends to Recommends as the
       binaries can work without the services but not vice versa.
     - re-add post-quantum encryption algorithm (NTRU) (LP #1863749)
       + d/control: mention plugins in package description
       + d/rules: enable ntru at build time
       + d/libstrongswan-extra-plugins.install: ship config and shared objects
     - Re-enable eap-{dynamic,peap} libcharon plugins (LP #1878887)
       + d/control: update libcharon-extra-plugins description.
       + d/libcharon-extra-plugins.install: install .so and conf files.
       + d/rules: add plugins to the configuration arguments.
     - Remove conf files of plugins removed from libcharon-extra-plugins
       + The conf file of the following plugins were removed: eap-aka-3gpp2,
         eap-sim-file, eap-sim-pcsc, eap-sim, eap-simaka-pseudonym,
         eap-simaka-reauth, eap-simaka-sql, xauth-noauth.
       + Created d/libcharon-extra-plugins.maintscript to handle the removals
         properly.
   * Dropped:
     - SECURITY UPDATE: Using Untrusted URIs for Revocation Checking
       + debian/patches/CVE-2022-40617.patch: do online revocation checks only
         after basic trust chain validation in
         src/libstrongswan/credentials/credential_manager.c.
       + CVE-2022-40617
         [Included upstream in 5.9.8]
   * Added:
     - d/t/{control,host-to-host,utils}: new host-to-host test
       (LP: #1999525)
Checksums-Sha1:
 40e1aff3b878964065f562a4ce0caf744f727331 3464 strongswan_5.9.8-3ubuntu1.dsc
 897843f9cd4ccefe4317218ecccb4cba32d2dc41 4747096 strongswan_5.9.8.orig.tar.bz2
 a87f89d9529ec1675c2a5c367a61e591c7be99ae 131840 strongswan_5.9.8-3ubuntu1.debian.tar.xz
 d84290fcc5d1d77114c512e586aa7b86dab89ed0 7412 strongswan_5.9.8-3ubuntu1_source.buildinfo
Checksums-Sha256:
 a46007146690430a9b00749fe6705d4c231f3ac344a51e707bec35a1e19ae068 3464 strongswan_5.9.8-3ubuntu1.dsc
 d3303a43c0bd7b75a12b64855e8edcb53696f06190364f26d1533bde1f2e453c 4747096 strongswan_5.9.8.orig.tar.bz2
 6c3c0f929bc1474b7f858df6536bd3ff1c603e8a1bf0352151257672a59ea351 131840 strongswan_5.9.8-3ubuntu1.debian.tar.xz
 4b0392d6fea3c0d88e60d6f3af1cfd2aff4969e52f6e4f48f22b6a07587fc827 7412 strongswan_5.9.8-3ubuntu1_source.buildinfo
Files:
 302b1afc1989db49517b407ceef79ee5 3464 net optional strongswan_5.9.8-3ubuntu1.dsc
 f46b0d3e7aed88824650d0721c887443 4747096 net optional strongswan_5.9.8.orig.tar.bz2
 ccf81dfda84603ae3c7536689f024ebd 131840 net optional strongswan_5.9.8-3ubuntu1.debian.tar.xz
 81bdfb50f7222060178f465ab0439f76 7412 net optional strongswan_5.9.8-3ubuntu1_source.buildinfo
Original-Maintainer: strongSwan Maintainers <pkg-swan-devel at lists.alioth.debian.org>
Vcs-Git: https://git.launchpad.net/~ahasenack/ubuntu/+source/strongswan
Vcs-Git-Commit: 9342b1df7744252a57b18447a3cb1b7d83b68251
Vcs-Git-Ref: refs/heads/lunar-strongswan-merge

More information about the lunar-changes mailing list