* Sat Jan 18 2014 Paul Wouters <pwouters@redhat.com> - 3.8-1

- Updated to 3.8, fixes rhbz#CVE-2013-6467 (rhbz#1054102)

.gitignore

@@ -4,3 +4,4 @@
 /libreswan-3.5.tar.gz
 /libreswan-3.6.tar.gz
 /libreswan-3.7.tar.gz
+/libreswan-3.8.tar.gz

libreswan.spec

@@ -16,13 +16,13 @@
 
 Name: libreswan
 Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols
-Version: 3.7
+Version: 3.8
 Release: %{?prever:0.}1%{?prever:.%{prever}}%{?dist}
 License: GPLv2
 Url: https://www.libreswan.org/
 Source: https://download.libreswan.org/%{name}-%{version}%{?prever}.tar.gz
 Group: System Environment/Daemons
-BuildRequires: gmp-devel bison flex redhat-rpm-config pkgconfig
+BuildRequires: gmp-devel bison flex pkgconfig
 BuildRequires: systemd
 Requires(post): coreutils bash systemd
 Requires(preun): systemd
@@ -128,7 +128,7 @@ FS=$(pwd)
 %endif
 
 %install
-rm -rf ${RPM_BUILD_ROOT}
+rm -rf %{buildroot}
 %{__make} \
   DESTDIR=%{buildroot} \
   INC_USRLOCAL=%{_prefix} \
@@ -200,8 +200,12 @@ if [ ! -f %{_sysconfdir}/ipsec.d/cert8.db ] ; then
 fi
 
 %changelog
+* Sat Jan 18 2014 Paul Wouters <pwouters@redhat.com> - 3.8-1
+- Updated to 3.8, fixes rhbz#CVE-2013-6467 (rhbz#1054102)
+
 * Wed Dec 11 2013 Paul Wouters <pwouters@redhat.com> - 3.7-1
 - Updated to 3.7, fixes CVE-2013-4564
+- Fixes creating a bogus NSS db on startup (rhbz#1005410)
 
 * Thu Oct 31 2013 Paul Wouters <pwouters@redhat.com> - 3.6-1
 - Updated to 3.6 (IKEv2, MODECFG, Cisco interop fixes)

sources

@@ -1 +1 @@
-5ab889e6a0c3b157c8dcd59966090e2f  libreswan-3.7.tar.gz
+3c9912eebb98184594cc0f5dd15477f7  libreswan-3.8.tar.gz