libreswan/changelog
Paul Wouters 9bd683c343 Convert to %autorelease and %autochangelog
[skip changelog]

Related: RHEL-32481
2024-06-28 06:40:53 +09:00

333 lines
14 KiB
Plaintext

* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 4.12-3.3
- Bump release for June 2024 mass rebuild
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.12-3.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 4.12-3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Sep 08 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-3
- Update libcap-ng patch, fix email addresses in changelog
* Tue Sep 05 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-2
- Remove ipsec show and ipsec verify sub commands (not very useful, causes python requirement)
- Patch for handling libcap-ng return values and fix capng_apply() call
* Fri Aug 11 2023 Paul Wouters <paul.wouters@aiven.io> - 4.12-1
- Update to 4.12 for CVE-2023-38710, CVE-2023-38711 and CVE-2023-38712
- Resolves: rhbz#2230225 libreswan-4.12 is available
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.11-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu May 04 2023 Paul Wouters <paul.wouters@aiven.io> - 4.11-1
- Update to 4.11 for CVE-2023-30570
* Wed Mar 01 2023 Paul Wouters <paul.wouters@aiven.io> - 4.10-1
- Update to 4.10 for CVE-2023-23009
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 4.9-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Jan 10 2023 Paul Wouters <paul.wouters@aiven.io> - 4.9-2
- Use new GPG key location.
* Thu Oct 13 2022 Paul Wouters <paul.wouters@aiven.io> - 4.9-1
- Update to 4.9 (maxbytes/maxpackets support, raw ECDSA support, misc fixes)
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.7-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue May 24 2022 Paul Wouters <paul.wouters@aiven.io> - 4.7-1
- Updated to 4.7 (EAPTLS support, bugfixes)
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 4.6-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jan 13 2022 Paul Wouters <paul.wouters@aiven.io> - 4.6-2
- Re-enable USE_DNSSEC again with patch to resolve header conflicts
* Wed Jan 12 2022 Paul Wouters <paul.wouters@aiven.io> - 4.6-1
- Resolves: CVE-2022-23094
- Resolves: rhbz#2039604 libreswan-4.6 is available
- Add gpg key and signature check for build
- Temporarilly disable USE_DNSSEC in rawhide while we figure out openssl vs nss include clash
* Thu Aug 26 2021 Paul Wouters <paul.wouters@aiven.io> - 4.5-1
- Resolves rhbz#1996250 libreswan-4.5 is available
* Tue Aug 03 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-3
- Resolves rhbz#1989198 libreswan should depend on procps-ng or pidof
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.4-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Jun 07 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-2
- Properly handle rpm sysctl config
* Wed May 12 2021 Paul Wouters <paul.wouters@aiven.io> - 4.4-1
- Resolves: rhbz#1952602 libreswan-4.4 is available
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 4.3-1.1
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
* Sun Feb 21 2021 Paul Wouters <pwouters@redhat.com> - 4.3-1
- update to 4.3 (minor bugfix release)
* Wed Feb 03 2021 Paul Wouters <pwouters@redhat.com> - 4.2-1
- Update to 4.2
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 4.2-0.1.rc1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Sat Dec 19 19:59:55 EST 2020 Paul Wouters <pwouters@redhat.com> - 4.2-0.1.rc1
- Resolves: rhbz#1867580 pluto process frequently dumps core
(disable USE_NSS_KDF until nss fixes have propagated)
* Sat Dec 19 2020 Adam Williamson <awilliam@redhat.com> - 4.1-4
- Rebuild for ldns soname bump
* Mon Nov 23 11:50:41 EST 2020 Paul Wouters <pwouters@redhat.com> - 4.1-3
- Resolves: rhbz#1894381 Libreswan 4.1-2 breaks l2tp connection to Windows VPN server
* Mon Oct 26 10:21:57 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.1-2
- Resolves: rhbz#1889538 libreswan's /var/lib/ipsec/nss missing
* Sun Oct 18 21:49:39 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.1-1
- Updated to 4.1 - interop fix for Cisco
* Thu Oct 15 10:27:14 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.0-1
- Resolves: rhbz#1888448 libreswan-4.0 is available
* Wed Sep 30 14:05:58 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.0-0.2.rc1
- Rebuild for libevent 2.1.12 with a soname bump
* Sun Sep 27 22:49:40 EDT 2020 Paul Wouters <pwouters@redhat.com> - 4.0-0.1.rc1
- Updated to 4.0rc1
* Thu Aug 27 2020 Paul Wouters <pwouters@redhat.com> - 3.32-4
- Resolves: rhbz#1864043 libreswan: FTBFS in Fedora rawhide/f33
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.32-3.2
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.32-3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jun 30 2020 Jeff Law <law@redhat.com> - 3.32-3
- Initialize ppk_id_p in ikev2_parent_inR1outI2_tail to avoid uninitialized
object
* Tue May 26 2020 Paul Wouters <pwouters@redhat.com> - 3.32-2
- Backport NSS guarding fix for unannounced changed api in NSS causing segfault
* Mon May 11 2020 Paul Wouters <pwouters@redhat.com> - 3.32-1
- Resolves: rhbz#1809770 libreswan-3.32 is available
* Tue Apr 14 2020 Paul Wouters <pwouters@redhat.com> - 3.31-2
- Resolves: rhbz#1823823 Please drop the dependency on fipscheck
* Tue Mar 03 2020 Paul Wouters <pwouters@redhat.com> - 3.31-1
- Resolves: rhbz#1809770 libreswan-3.31 is available (fixes rekey regression)
* Fri Feb 14 2020 Paul Wouters <pwouters@redhat.com> - 3.30-1
- Resolves: rhbz#1802896 libreswan-3.30 is available
- Resolves: rhbz#1799598 libreswan: FTBFS in Fedora rawhide/f32
- Resolves: rhbz#1760571 [abrt] libreswan: configsetupcheck(): verify:366:configsetupcheck:TypeError:
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.29-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jan 09 2020 Paul Wouters <pwouters@redhat.com> - 3.29-2
- _updown.netkey: fix syntax error in checking routes
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.29-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Mon Jun 10 2019 Paul Wouters <pwouters@redhat.com> - 3.29-1
- Resolves: rhbz#1718986 Updated to 3.29 for CVE-2019-10155
* Tue May 21 2019 Paul Wouters <pwouters@redhat.com> - 3.28-1
- Updated to 3.28 (many imported bugfixes, including CVE-2019-12312)
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.27-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 3.27-1.1
- Rebuilt for libcrypt.so.2 (#1666033)
* Mon Oct 08 2018 Paul Wouters <pwouters@redhat.com> - 3.27-1
- Updated to 3.27 (various bugfixes)
* Thu Sep 27 2018 Paul Wouters <pwouters@redhat.com> - 3.26-3
- Add fedora python fixup for _unbound-hook
* Mon Sep 17 2018 Paul Wouters <pwouters@redhat.com> - 3.26-2
- linking against freebl is no longer needed (and wasn't done in 3.25)
* Mon Sep 17 2018 Paul Wouters <pwouters@redhat.com> - 3.26-1
- Updated to 3.26 (CHACHA20POLY1305, ECDSA and RSA-PSS support)
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.25-3.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jul 09 2018 Paul Wouters <pwouters@redhat.com> - 3.25-3
- Fix Opportunistic IPsec _unbound-hook argument parsing
- Make rundir readable for all (so we can hand out permissions later)
* Mon Jul 02 2018 Paul Wouters <pwouters@redhat.com> - 3.25-2
- Relax deleting IKE SA's and IPsec SA's to avoid interop issues with third party VPN vendors
* Wed Jun 27 2018 Paul Wouters <pwouters@redhat.com> - 3.25-1
- Updated to 3.25
* Mon Feb 19 2018 Paul Wouters <pwouters@redhat.com> - 3.23-2
- Support crypto-policies package
- Pull in some patches from upstream and IANA registry updates
- gcc7 format-truncate fixes and workarounds
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.23-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jan 25 2018 Paul Wouters <pwouters@redhat.com> - 3.23-1
- Updated to 3.23 - support for MOBIKE, PPK, CMAC, nic offload and performance improvements
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 3.22-1.1
- Rebuilt for switch to libxcrypt
* Mon Oct 23 2017 Paul Wouters <pwouters@redhat.com> - 3.22-1
- Updated to 3.22 - many bugfixes, and unbound ipsecmod support
* Wed Aug 9 2017 Paul Wouters <pwouters@redhat.com> - 3.21-1
- Updated to 3.21
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.20-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.20-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Tue Mar 14 2017 Paul Wouters <pwouters@redhat.com> - 3.20-1
- Updated to 3.20
* Fri Mar 03 2017 Paul Wouters <pwouters@redhat.com> - 3.20-0.1.dr4
- Update to 3.20dr4 to test mozbz#1336487 export CERT_CompareAVA
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.19-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Fri Feb 03 2017 Paul Wouters <pwouters@redhat.com> - 3.19-2
- Resolves: rhbz#1392191 libreswan: crash when OSX client connects
- Improved uniqueid and session replacing support
- Test Buffer warning fix on size_t
- Re-introduce --configdir for backwards compatibility
* Sun Jan 15 2017 Paul Wouters <pwouters@redhat.com> - 3.19-1
- Updated to 3.19 (see download.libreswan.org/CHANGES)
* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 3.18-1.1
- Rebuild for Python 3.6
* Fri Jul 29 2016 Paul Wouters <pwouters@redhat.com> - 3.18-1
- Updated to 3.18 for CVE-2016-5391 rhbz#1361164 and VTI support
- Remove support for /etc/sysconfig/pluto (use native systemd instead)
* Thu May 05 2016 Paul Wouters <pwouters@redhat.com> - 3.17-2
- Resolves: rhbz#1324956 prelink is gone, /etc/prelink.conf.d/* is no longer used
* Thu Apr 07 2016 Paul Wouters <pwouters@redhat.com> - 3.17-1
- Updated to 3.17 for CVE-2016-3071
- Disable LIBCAP_NG as it prevents unbound-control from working properly
- Temporarilly disable WERROR due to a few minor known issues
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.16-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Fri Dec 18 2015 Paul Wouters <pwouters@redhat.com> - 3.16-1
- Updated to 3.16 (see https://download.libreswan.org/CHANGES)
* Tue Aug 11 2015 Paul Wouters <pwouters@redhat.com> - 3.15-1
- Updated to 3.15 (see http://download.libreswan.org/CHANGES)
- Resolves: rhbz#CVE-2015-3240 IKE daemon restart when receiving a bad DH gx
- NSS database creation moved from spec file to service file
- Run CAVS tests on package build
- Added BuildRequire systemd-units and xmlto
- Bumped minimum required nss to 3.16.1
- Install tmpfiles
- Install sysctl file
- Update doc files to include
* Mon Jul 13 2015 Paul Wouters <pwouters@redhat.com> - 3.13-2
- Resolves: rhbz#1238967 Switch libreswan to use python3
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.13-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Jun 01 2015 Paul Wouters <pwouters@redhat.com> - 3.13-1
- Updated to 3.13 for CVE-2015-3204
* Fri Nov 07 2014 Paul Wouters <pwouters@redhat.com> - 3.12-1
- Updated to 3.12 Various IKEv2 fixes
* Wed Oct 22 2014 Paul Wouters <pwouters@redhat.com> - 3.11-1
- Updated to 3.11 (many fixes, including startup fixes)
- Resolves: rhbz#1144941 libreswan 3.10 upgrade breaks old ipsec.secrets configs
- Resolves: rhbz#1147072 ikev1 aggr mode connection fails after libreswan upgrade
- Resolves: rhbz#1144831 Libreswan appears to start with systemd before all the NICs are up and running
* Tue Sep 09 2014 Paul Wouters <pwouters@redhat.com> - 3.10-3
- Fix some coverity issues, auto=route on bootup and snprintf on 32bit machines
* Mon Sep 01 2014 Paul Wouters <pwouters@redhat.com> - 3.10-1
- Updated to 3.10, major bugfix release, new xauth status options
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.9-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Thu Jul 10 2014 Paul Wouters <pwouters@redhat.com> - 3.9-1
- Updated to 3.9. IKEv2 enhancements, ESP/IKE algo enhancements
- Mark libreswan-fips.conf as config file
- attr modifier for man pages no longer needed
- BUGS file no longer exists upstream
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.8-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sat Jan 18 2014 Paul Wouters <pwouters@redhat.com> - 3.8-1
- Updated to 3.8, fixes rhbz#CVE-2013-6467 (rhbz#1054102)
* Wed Dec 11 2013 Paul Wouters <pwouters@redhat.com> - 3.7-1
- Updated to 3.7, fixes CVE-2013-4564
- Fixes creating a bogus NSS db on startup (rhbz#1005410)
* Thu Oct 31 2013 Paul Wouters <pwouters@redhat.com> - 3.6-1
- Updated to 3.6 (IKEv2, MODECFG, Cisco interop fixes)
- Generate empty NSS db if none exists
* Mon Aug 19 2013 Paul Wouters <pwouters@redhat.com> - 3.5-3
- Add a Provides: for openswan-doc
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.5-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jul 15 2013 Paul Wouters <pwouters@redhat.com> - 3.5-2
- Added interop patch for (some?) Cisco VPN clients sending 16 zero
bytes of extraneous IKE data
- Removed fipscheck_version
* Sat Jul 13 2013 Paul Wouters <pwouters@redhat.com> - 3.5-1
- Updated to 3.5
* Thu Jun 06 2013 Paul Wouters <pwouters@redhat.com> - 3.4-1
- Updated to 3.4, which only contains style changes to kernel coding style
- IN MEMORIAM: June 3rd, 2013 Hugh Daniel
* Mon May 13 2013 Paul Wouters <pwouters@redhat.com> - 3.3-1
- Updated to 3.3, which resolves CVE-2013-2052
* Sat Apr 13 2013 Paul Wouters <pwouters@redhat.com> - 3.2-1
- Initial package for Fedora