[Pkg-swan-devel] [strongswan] 10/12: Fix spurious entry in debian/NEWS.

Sun Mar 16 14:49:38 UTC 2014

This is an automated email from the git hooks/post-receive script.

corsac pushed a commit to branch master
in repository strongswan.

commit 72448f305c65fb08b0e8db0b56435a2486226f31
Author: Yves-Alexis Perez <corsac at debian.org>
Date:   Wed Mar 12 10:31:40 2014 +0100

    Fix spurious entry in debian/NEWS.
    
    * debian/NEWS:
      - fix spurious entry.
---
 debian/NEWS      | 32 --------------------------------
 debian/changelog |  2 ++
 2 files changed, 2 insertions(+), 32 deletions(-)

diff --git a/debian/NEWS b/debian/NEWS
index af017f7..a1703e4 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -65,35 +65,3 @@ strongswan (4.5.0-1) unstable; urgency=low
 Local variables:
 mode: debian-changelog
 End:
-strongswan (5.1.0-1) unstable; urgency=low
-
-  Starting with strongswan 4.5.0 upstream, the IKEv2 protocol is now the
-  default. This can easily be changed using the keyexchange=ikev1 config
-  option (either in the respective "conn" section or by putting it in the
-  "default" section and therefore applying it to all existing connections).
-
-  The IKEv2 protocol has less overhead, more features (e.g. NAT-Traversal by
-  default, MOBIKE, Mobile IPv6), and provides better error messages in case
-  the connection can not be established. It is therefore highly recommended
-  to use it when the other side also supports it.
-  
-  Addtionally, strongswan 4.5.0-1 now enables support for NAT Traversal in
-  combination with IPsec transport mode (the support for this has existed 
-  for a long time, but was disabled due to security concerns). This is 
-  required e.g. to let mobile phone clients (notably Android, iPhone) 
-  connect to an L2TP/IPsec gateway using strongswan. The security 
-  implications as described in the original README.NAT-Traversal file from 
-  the openswan distribution are:
-  
-  * Transport Mode can't be used without NAT in the IPSec layer. Otherwise,
-    all packets for the NAT device (including all hosts behind it) would be
-    sent to the NAT-T Client. This would create a sort of blackhole between
-    the peer which is not behind NAT and the NAT device.
-
-  * In Tunnel Mode with roadwarriors, we CAN'T accept any IP address,
-    otherwise, an evil roadwarrior could redirect all trafic for one host
-    (including a host on the private network) to himself. That's why, you have
-    to specify the private IP in the configuration file, use virtual IP
-    management, or DHCP-over-IPSec.
-
- -- Yves-Alexis Perez <corsac at debian.org>  Mon, 30 Sep 2013 20:43:03 +0200
diff --git a/debian/changelog b/debian/changelog
index d7a4cb2..8e886fd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -13,6 +13,8 @@ strongswan (5.1.2-1) UNRELEASED; urgency=medium
       upstream.
   * debian/rules, debian/*.install:
     - install default configuration files for all plugins.
+  * debian/NEWS:
+    - fix spurious entry.
 
  -- Yves-Alexis Perez <corsac at debian.org>  Tue, 11 Mar 2014 20:48:54 +0100
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-swan/strongswan.git

