rpms/libreswan
7
0
Fork 0
Code Issues Pull Requests Releases Activity
157 Commits 10 Branches 47 Tags 614 KiB
2329760e6b
Commit Graph

134 Commits

Author SHA1 Message Date
Daiki Ueno
2329760e6b Fix auto=ondemand connection initialization with TCP 
Resolves: RHEL-51880
Signed-off-by: Daiki Ueno <dueno@redhat.com>
 2024-08-06 11:06:10 +09:00
Daiki Ueno
021b38cdf6 Re-introduce libreswan-4.6-ikev1-policy-defaults-to-drop.patch 
The patch was included in c9s but omitted when syncronized to Fedora.
Now that this is the default behavior in Libreswan 5, we want to keep
the patch to avoid any regressions.

Resolves: RHEL-52935
Signed-off-by: Daiki Ueno <dueno@redhat.com>
 2024-08-06 09:46:06 +09:00
Paul Wouters
32be2a6df3 - Update libreswan to 4.15 for CVE-2024-3652 
- Resolves rhbz#2274448 CVE-2024-3652 libreswan: IKEv1 default AH/ESP
  responder can crash and restart
- Allow "ipsec import" to try importing PKCS#12 non-interactively if
  there is no password

Resolves: RHEL-32481
 2024-06-28 06:41:02 +09:00
Paul Wouters
38ded79037 - Update to 4.14 for CVE-2024-2357 
* Security, see https://libreswan.org/security/CVE-2024-2357
* x509: unpack IPv6 general names based on length
* pluto: TFC padding was not set for AEAD algorithms

* Include now fixed ipcheck
* Exclude hunkcheck broken on s390x
* Remove obsoleted patch capng patch

Related: RHEL-32481
 2024-06-28 06:40:57 +09:00
Paul Wouters
9bd683c343 Convert to %autorelease and %autochangelog 
[skip changelog]

Related: RHEL-32481
 2024-06-28 06:40:53 +09:00
Troy Dawson
651a14b04a Bump release for June 2024 mass rebuild 2024-06-24 08:58:02 -07:00
Fedora Release Engineering
4b310aa3b1 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-25 03:22:55 +00:00
Fedora Release Engineering
cae5d5397d Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-21 05:11:44 +00:00
Paul Wouters
d609d0e8ad
- Update libcap-ng patch, fix email addresses in changelog 2023-09-08 12:45:22 -04:00
Paul Wouters
9051f09a66
- Patch for handling libcap-ng return values and fix capng_apply() call 2023-09-06 09:10:17 -04:00
Paul Wouters
4abe9188eb
- Remove ipsec show and ipsec verify 
These commands are outdated, not very useful and cause a python
dependency that's big for some smaller deployments (eg openshift)
 2023-09-05 17:18:14 -04:00
Daiki Ueno
131d137825 Migrate License field to SPDX license identifier 
Signed-off-by: Daiki Ueno <dueno@redhat.com>
 2023-08-24 10:29:22 +09:00
Paul Wouters
67117b266a
- Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712 
- Resolves: rhbz#2230225 libreswan-4.12 is available
 2023-08-11 11:43:31 -04:00
Fedora Release Engineering
b3b4abc436 Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2023-07-20 11:56:51 +00:00
Paul Wouters
24737740dd
- Update to 4.11 for CVE-2023-30570 2023-05-04 10:44:38 -04:00
Paul Wouters
1de005450e
- Update to 4.10 for CVE-2023-23009 2023-02-28 21:29:21 -05:00
Fedora Release Engineering
02d01d8ef9 Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2023-01-19 17:19:12 +00:00
Paul Wouters
2b2374e75d
bump release 2023-01-10 13:58:10 -05:00
Paul Wouters
2865ae8e8c
update for new GPG key location 
This new keyfile also no longer uses SHA1, though it is the same
base key as before.
 2023-01-10 13:55:54 -05:00
Paul Wouters
6b164e4601
- Update to 4.9 (maxbytes/maxpackets support, raw ECDSA support, misc fixes) 2022-10-13 20:23:35 -04:00
Paul Wouters
025ee05fb3
use 'new' %make_build and %make_install macros 2022-08-25 20:45:28 -04:00
Fedora Release Engineering
4d953fe693 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2022-07-21 18:50:58 +00:00
Paul Wouters
fe733530df
- Updated to 4.7 (EAPTLS support, bugfixes) 2022-05-24 18:11:40 -04:00
Fedora Release Engineering
a75a38e0d1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2022-01-20 17:07:57 +00:00
Paul Wouters
1290d06104
- Re-enable USE_DNSSEC again with patch to resolve header conflicts 2022-01-13 16:53:11 -05:00
Paul Wouters
a47e3c9245
- Resolves: CVE-2022-23094 
- Resolves: rhbz#2039604 libreswan-4.6 is available
- Add gpg key and signature check for build
- Temporarilly disable USE_DNSSEC in rawhide while we figure out openssl vs nss include clash
 2022-01-11 22:43:31 -05:00
Paul Wouters
6b9dd6c883
- Resolves rhbz#1996250 libreswan-4.5 is available 2021-08-26 12:10:55 +03:00
Paul Wouters
685ec15ac1
add Requires: for logrotate 2021-08-02 20:58:31 -04:00
Paul Wouters
3a50017748
- Resolves rhbz#1989198 libreswan should depend on procps-ng or pidof 2021-08-02 20:44:07 -04:00
Fedora Release Engineering
b36d311589 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-07-22 12:15:21 +00:00
Paul Wouters
7c4b294887
handle properly rpm sysctl config 
Move sysctl config to correct %{_sysctldir}.
Apply sysctl config on install.

See https://docs.fedoraproject.org/en-US/packaging-guidelines/#_binfmt_d_sysctl_d_and_tmpfiles_d
 2021-06-06 21:22:20 -04:00
Paul Wouters
0f00fff4b5
disable some testing tools that throw warnings on arm 2021-05-12 22:09:19 -04:00
Paul Wouters
8d7f98d414
add libreswan-4.4-ipcheck.patch to fixup some types for gcc. 2021-05-12 21:48:56 -04:00
Paul Wouters
73f45e85a5
- Resolves: rhbz#1952602 libreswan-4.4 is available 2021-05-12 17:00:47 -04:00
Zbigniew Jędrzejewski-Szmek
1f0b00f3c3 Rebuilt for updated systemd-rpm-macros 
See https://pagure.io/fesco/issue/2583.
 2021-03-02 16:13:33 +01:00
Paul Wouters
59cde94ccc - update to 4.3 (minor bugfix release) 2021-02-21 12:09:31 -05:00
Paul Wouters
fdf40a922f - Updated to 4.2 2021-02-02 20:53:35 -05:00
Fedora Release Engineering
534953ce2e - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-01-26 17:53:38 +00:00
Paul Wouters
7f24ffd5dc - Resolves: rhbz#1867580 pluto process frequently dumps core 
(disable USE_NSS_KDF until nss fixes have propagated)
 2020-12-19 20:01:58 -05:00
Adam Williamson
d84dd699b8 Rebuild for ldns soname bump 2020-12-19 09:27:06 -08:00
Adam Williamson
efc202e0cd Revert to 4.1-3 state to rebuild for ldns soname bump 2020-12-19 09:23:16 -08:00
Adam Williamson
14dc4ee423 Rebuild for ldns soname bump 2020-12-19 09:01:19 -08:00
Paul Wouters
3fdf599ac8 - Update to 4.2rc1 and disable USE_NSS_KDF for testing 2020-12-17 13:47:19 -05:00
Paul Wouters
ef86d999fc - Resolves: rhbz#1894381 Libreswan 4.1-2 breaks l2tp connection to Windows VPN server 2020-11-23 11:54:02 -05:00
Paul Wouters
39fea3799f * Mon Oct 26 10:21:57 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.1-2 
- Resolves: rhbz#1889538 libreswan's /var/lib/ipsec/nss missing
 2020-10-26 10:22:38 -04:00
Paul Wouters
bd85a3990f * Sun Oct 18 21:49:39 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.1-1 
- Updated to 4.1 - interop fix for Cisco
 2020-10-18 21:52:15 -04:00
Paul Wouters
7df3defc11 - Resolves: rhbz#1888448 libreswan-4.0 is available 2020-10-15 11:22:47 -04:00
Paul Wouters
edf019da09 - Rebuild for libevent 2.1.12 with a soname bump 2020-09-30 14:06:42 -04:00
Paul Wouters
c233ff19f3 temporarilly skip %{?__global_ldflags} to avoid gcc errors on armv7 
related to link lto-type-mismatch errors.
 2020-09-28 01:25:53 -04:00
Paul Wouters
9aec852f63 - Updated to 4.0rc1 2020-09-27 22:54:09 -04:00