9bd683c343
[skip changelog] Related: RHEL-32481
333 lines
14 KiB
Plaintext
333 lines
14 KiB
Plaintext
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 4.12-3.3
|
|
- Bump release for June 2024 mass rebuild
|
|
|
|
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.12-3.2
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
|
|
|
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.12-3.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
|
|
|
* Fri Sep 08 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-3
|
|
- Update libcap-ng patch, fix email addresses in changelog
|
|
|
|
* Tue Sep 05 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-2
|
|
- Remove ipsec show and ipsec verify sub commands (not very useful, causes python requirement)
|
|
- Patch for handling libcap-ng return values and fix capng_apply() call
|
|
|
|
* Fri Aug 11 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-1
|
|
- Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712
|
|
- Resolves: rhbz#2230225 libreswan-4.12 is available
|
|
|
|
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.11-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
|
|
|
|
* Thu May 04 2023 Paul Wouters <paul.wouters@aiven.io> - 4.11-1
|
|
- Update to 4.11 for CVE-2023-30570
|
|
|
|
* Wed Mar 01 2023 Paul Wouters <paul.wouters@aiven.io> - 4.10-1
|
|
- Update to 4.10 for CVE-2023-23009
|
|
|
|
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.9-2.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
|
|
|
|
* Tue Jan 10 2023 Paul Wouters <paul.wouters@aiven.io> - 4.9-2
|
|
- Use new GPG key location.
|
|
|
|
* Thu Oct 13 2022 Paul Wouters <paul.wouters@aiven.io> - 4.9-1
|
|
- Update to 4.9 (maxbytes/maxpackets support, raw ECDSA support, misc fixes)
|
|
|
|
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.7-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
|
|
|
|
* Tue May 24 2022 Paul Wouters <paul.wouters@aiven.io> - 4.7-1
|
|
- Updated to 4.7 (EAPTLS support, bugfixes)
|
|
|
|
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.6-2.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
|
|
|
|
* Thu Jan 13 2022 Paul Wouters <paul.wouters@aiven.io> - 4.6-2
|
|
- Re-enable USE_DNSSEC again with patch to resolve header conflicts
|
|
|
|
* Wed Jan 12 2022 Paul Wouters <paul.wouters@aiven.io> - 4.6-1
|
|
- Resolves: CVE-2022-23094
|
|
- Resolves: rhbz#2039604 libreswan-4.6 is available
|
|
- Add gpg key and signature check for build
|
|
- Temporarilly disable USE_DNSSEC in rawhide while we figure out openssl vs nss include clash
|
|
|
|
* Thu Aug 26 2021 Paul Wouters <paul.wouters@aiven.io> - 4.5-1
|
|
- Resolves rhbz#1996250 libreswan-4.5 is available
|
|
|
|
* Tue Aug 03 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-3
|
|
- Resolves rhbz#1989198 libreswan should depend on procps-ng or pidof
|
|
|
|
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.4-2.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
|
|
|
|
* Mon Jun 07 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-2
|
|
- Properly handle rpm sysctl config
|
|
|
|
* Wed May 12 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-1
|
|
- Resolves: rhbz#1952602 libreswan-4.4 is available
|
|
|
|
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 4.3-1.1
|
|
- Rebuilt for updated systemd-rpm-macros
|
|
See https://pagure.io/fesco/issue/2583.
|
|
|
|
* Sun Feb 21 2021 Paul Wouters <pwouters@redhat.com> - 4.3-1
|
|
- update to 4.3 (minor bugfix release)
|
|
|
|
* Wed Feb 03 2021 Paul Wouters <pwouters@redhat.com> - 4.2-1
|
|
- Update to 4.2
|
|
|
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.2-0.1.rc1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
|
|
* Sat Dec 19 19:59:55 EST 2020 Paul Wouters <pwouters@redhat.com> - 4.2-0.1.rc1
|
|
- Resolves: rhbz#1867580 pluto process frequently dumps core
|
|
(disable USE_NSS_KDF until nss fixes have propagated)
|
|
|
|
* Sat Dec 19 2020 Adam Williamson <awilliam@redhat.com> - 4.1-4
|
|
- Rebuild for ldns soname bump
|
|
|
|
* Mon Nov 23 11:50:41 EST 2020 Paul Wouters <pwouters@redhat.com> - 4.1-3
|
|
- Resolves: rhbz#1894381 Libreswan 4.1-2 breaks l2tp connection to Windows VPN server
|
|
|
|
* Mon Oct 26 10:21:57 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.1-2
|
|
- Resolves: rhbz#1889538 libreswan's /var/lib/ipsec/nss missing
|
|
|
|
* Sun Oct 18 21:49:39 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.1-1
|
|
- Updated to 4.1 - interop fix for Cisco
|
|
|
|
* Thu Oct 15 10:27:14 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.0-1
|
|
- Resolves: rhbz#1888448 libreswan-4.0 is available
|
|
|
|
* Wed Sep 30 14:05:58 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.0-0.2.rc1
|
|
- Rebuild for libevent 2.1.12 with a soname bump
|
|
|
|
* Sun Sep 27 22:49:40 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.0-0.1.rc1
|
|
- Updated to 4.0rc1
|
|
|
|
* Thu Aug 27 2020 Paul Wouters <pwouters@redhat.com> - 3.32-4
|
|
- Resolves: rhbz#1864043 libreswan: FTBFS in Fedora rawhide/f33
|
|
|
|
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.32-3.2
|
|
- Second attempt - Rebuilt for
|
|
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
|
|
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.32-3.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
|
|
* Tue Jun 30 2020 Jeff Law <law@redhat.com> - 3.32-3
|
|
- Initialize ppk_id_p in ikev2_parent_inR1outI2_tail to avoid uninitialized
|
|
object
|
|
|
|
* Tue May 26 2020 Paul Wouters <pwouters@redhat.com> - 3.32-2
|
|
- Backport NSS guarding fix for unannounced changed api in NSS causing segfault
|
|
|
|
* Mon May 11 2020 Paul Wouters <pwouters@redhat.com> - 3.32-1
|
|
- Resolves: rhbz#1809770 libreswan-3.32 is available
|
|
|
|
* Tue Apr 14 2020 Paul Wouters <pwouters@redhat.com> - 3.31-2
|
|
- Resolves: rhbz#1823823 Please drop the dependency on fipscheck
|
|
|
|
* Tue Mar 03 2020 Paul Wouters <pwouters@redhat.com> - 3.31-1
|
|
- Resolves: rhbz#1809770 libreswan-3.31 is available (fixes rekey regression)
|
|
|
|
* Fri Feb 14 2020 Paul Wouters <pwouters@redhat.com> - 3.30-1
|
|
- Resolves: rhbz#1802896 libreswan-3.30 is available
|
|
- Resolves: rhbz#1799598 libreswan: FTBFS in Fedora rawhide/f32
|
|
- Resolves: rhbz#1760571 [abrt] libreswan: configsetupcheck(): verify:366:configsetupcheck:TypeError:
|
|
|
|
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.29-2.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
|
|
* Thu Jan 09 2020 Paul Wouters <pwouters@redhat.com> - 3.29-2
|
|
- _updown.netkey: fix syntax error in checking routes
|
|
|
|
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.29-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
|
|
* Mon Jun 10 2019 Paul Wouters <pwouters@redhat.com> - 3.29-1
|
|
- Resolves: rhbz#1718986 Updated to 3.29 for CVE-2019-10155
|
|
|
|
* Tue May 21 2019 Paul Wouters <pwouters@redhat.com> - 3.28-1
|
|
- Updated to 3.28 (many imported bugfixes, including CVE-2019-12312)
|
|
|
|
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.27-1.2
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
|
|
|
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 3.27-1.1
|
|
- Rebuilt for libcrypt.so.2 (#1666033)
|
|
|
|
* Mon Oct 08 2018 Paul Wouters <pwouters@redhat.com> - 3.27-1
|
|
- Updated to 3.27 (various bugfixes)
|
|
|
|
* Thu Sep 27 2018 Paul Wouters <pwouters@redhat.com> - 3.26-3
|
|
- Add fedora python fixup for _unbound-hook
|
|
|
|
* Mon Sep 17 2018 Paul Wouters <pwouters@redhat.com> - 3.26-2
|
|
- linking against freebl is no longer needed (and wasn't done in 3.25)
|
|
|
|
* Mon Sep 17 2018 Paul Wouters <pwouters@redhat.com> - 3.26-1
|
|
- Updated to 3.26 (CHACHA20POLY1305, ECDSA and RSA-PSS support)
|
|
|
|
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.25-3.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
|
|
|
* Mon Jul 09 2018 Paul Wouters <pwouters@redhat.com> - 3.25-3
|
|
- Fix Opportunistic IPsec _unbound-hook argument parsing
|
|
- Make rundir readable for all (so we can hand out permissions later)
|
|
|
|
* Mon Jul 02 2018 Paul Wouters <pwouters@redhat.com> - 3.25-2
|
|
- Relax deleting IKE SA's and IPsec SA's to avoid interop issues with third party VPN vendors
|
|
|
|
* Wed Jun 27 2018 Paul Wouters <pwouters@redhat.com> - 3.25-1
|
|
- Updated to 3.25
|
|
|
|
* Mon Feb 19 2018 Paul Wouters <pwouters@redhat.com> - 3.23-2
|
|
- Support crypto-policies package
|
|
- Pull in some patches from upstream and IANA registry updates
|
|
- gcc7 format-truncate fixes and workarounds
|
|
|
|
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.23-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
|
|
|
* Thu Jan 25 2018 Paul Wouters <pwouters@redhat.com> - 3.23-1
|
|
- Updated to 3.23 - support for MOBIKE, PPK, CMAC, nic offload and performance improvements
|
|
|
|
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 3.22-1.1
|
|
- Rebuilt for switch to libxcrypt
|
|
|
|
* Mon Oct 23 2017 Paul Wouters <pwouters@redhat.com> - 3.22-1
|
|
- Updated to 3.22 - many bugfixes, and unbound ipsecmod support
|
|
|
|
* Wed Aug 9 2017 Paul Wouters <pwouters@redhat.com> - 3.21-1
|
|
- Updated to 3.21
|
|
|
|
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.20-1.2
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
|
|
|
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.20-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
|
|
|
* Tue Mar 14 2017 Paul Wouters <pwouters@redhat.com> - 3.20-1
|
|
- Updated to 3.20
|
|
|
|
* Fri Mar 03 2017 Paul Wouters <pwouters@redhat.com> - 3.20-0.1.dr4
|
|
- Update to 3.20dr4 to test mozbz#1336487 export CERT_CompareAVA
|
|
|
|
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.19-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
|
|
|
* Fri Feb 03 2017 Paul Wouters <pwouters@redhat.com> - 3.19-2
|
|
- Resolves: rhbz#1392191 libreswan: crash when OSX client connects
|
|
- Improved uniqueid and session replacing support
|
|
- Test Buffer warning fix on size_t
|
|
- Re-introduce --configdir for backwards compatibility
|
|
|
|
* Sun Jan 15 2017 Paul Wouters <pwouters@redhat.com> - 3.19-1
|
|
- Updated to 3.19 (see download.libreswan.org/CHANGES)
|
|
|
|
* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 3.18-1.1
|
|
- Rebuild for Python 3.6
|
|
|
|
* Fri Jul 29 2016 Paul Wouters <pwouters@redhat.com> - 3.18-1
|
|
- Updated to 3.18 for CVE-2016-5391 rhbz#1361164 and VTI support
|
|
- Remove support for /etc/sysconfig/pluto (use native systemd instead)
|
|
|
|
* Thu May 05 2016 Paul Wouters <pwouters@redhat.com> - 3.17-2
|
|
- Resolves: rhbz#1324956 prelink is gone, /etc/prelink.conf.d/* is no longer used
|
|
|
|
* Thu Apr 07 2016 Paul Wouters <pwouters@redhat.com> - 3.17-1
|
|
- Updated to 3.17 for CVE-2016-3071
|
|
- Disable LIBCAP_NG as it prevents unbound-control from working properly
|
|
- Temporarilly disable WERROR due to a few minor known issues
|
|
|
|
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.16-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
|
|
|
* Fri Dec 18 2015 Paul Wouters <pwouters@redhat.com> - 3.16-1
|
|
- Updated to 3.16 (see https://download.libreswan.org/CHANGES)
|
|
|
|
* Tue Aug 11 2015 Paul Wouters <pwouters@redhat.com> - 3.15-1
|
|
- Updated to 3.15 (see http://download.libreswan.org/CHANGES)
|
|
- Resolves: rhbz#CVE-2015-3240 IKE daemon restart when receiving a bad DH gx
|
|
- NSS database creation moved from spec file to service file
|
|
- Run CAVS tests on package build
|
|
- Added BuildRequire systemd-units and xmlto
|
|
- Bumped minimum required nss to 3.16.1
|
|
- Install tmpfiles
|
|
- Install sysctl file
|
|
- Update doc files to include
|
|
|
|
* Mon Jul 13 2015 Paul Wouters <pwouters@redhat.com> - 3.13-2
|
|
- Resolves: rhbz#1238967 Switch libreswan to use python3
|
|
|
|
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.13-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
|
|
|
* Mon Jun 01 2015 Paul Wouters <pwouters@redhat.com> - 3.13-1
|
|
- Updated to 3.13 for CVE-2015-3204
|
|
|
|
* Fri Nov 07 2014 Paul Wouters <pwouters@redhat.com> - 3.12-1
|
|
- Updated to 3.12 Various IKEv2 fixes
|
|
|
|
* Wed Oct 22 2014 Paul Wouters <pwouters@redhat.com> - 3.11-1
|
|
- Updated to 3.11 (many fixes, including startup fixes)
|
|
- Resolves: rhbz#1144941 libreswan 3.10 upgrade breaks old ipsec.secrets configs
|
|
- Resolves: rhbz#1147072 ikev1 aggr mode connection fails after libreswan upgrade
|
|
- Resolves: rhbz#1144831 Libreswan appears to start with systemd before all the NICs are up and running
|
|
|
|
* Tue Sep 09 2014 Paul Wouters <pwouters@redhat.com> - 3.10-3
|
|
- Fix some coverity issues, auto=route on bootup and snprintf on 32bit machines
|
|
|
|
* Mon Sep 01 2014 Paul Wouters <pwouters@redhat.com> - 3.10-1
|
|
- Updated to 3.10, major bugfix release, new xauth status options
|
|
|
|
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.9-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
|
|
|
* Thu Jul 10 2014 Paul Wouters <pwouters@redhat.com> - 3.9-1
|
|
- Updated to 3.9. IKEv2 enhancements, ESP/IKE algo enhancements
|
|
- Mark libreswan-fips.conf as config file
|
|
- attr modifier for man pages no longer needed
|
|
- BUGS file no longer exists upstream
|
|
|
|
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.8-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
|
|
|
* Sat Jan 18 2014 Paul Wouters <pwouters@redhat.com> - 3.8-1
|
|
- Updated to 3.8, fixes rhbz#CVE-2013-6467 (rhbz#1054102)
|
|
|
|
* Wed Dec 11 2013 Paul Wouters <pwouters@redhat.com> - 3.7-1
|
|
- Updated to 3.7, fixes CVE-2013-4564
|
|
- Fixes creating a bogus NSS db on startup (rhbz#1005410)
|
|
|
|
* Thu Oct 31 2013 Paul Wouters <pwouters@redhat.com> - 3.6-1
|
|
- Updated to 3.6 (IKEv2, MODECFG, Cisco interop fixes)
|
|
- Generate empty NSS db if none exists
|
|
|
|
* Mon Aug 19 2013 Paul Wouters <pwouters@redhat.com> - 3.5-3
|
|
- Add a Provides: for openswan-doc
|
|
|
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.5-1.1
|
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
|
|
|
* Mon Jul 15 2013 Paul Wouters <pwouters@redhat.com> - 3.5-2
|
|
- Added interop patch for (some?) Cisco VPN clients sending 16 zero
|
|
bytes of extraneous IKE data
|
|
- Removed fipscheck_version
|
|
|
|
* Sat Jul 13 2013 Paul Wouters <pwouters@redhat.com> - 3.5-1
|
|
- Updated to 3.5
|
|
|
|
* Thu Jun 06 2013 Paul Wouters <pwouters@redhat.com> - 3.4-1
|
|
- Updated to 3.4, which only contains style changes to kernel coding style
|
|
- IN MEMORIAM: June 3rd, 2013 Hugh Daniel
|
|
|
|
* Mon May 13 2013 Paul Wouters <pwouters@redhat.com> - 3.3-1
|
|
- Updated to 3.3, which resolves CVE-2013-2052
|
|
|
|
* Sat Apr 13 2013 Paul Wouters <pwouters@redhat.com> - 3.2-1
|
|
- Initial package for Fedora
|