[Pkg-swan-devel] [strongswan] 01/02: Merge tag 'v5.2.1-6+deb8u1' into strongswan-wheezy-backports

Romain Francoise rfrancoise at moszumanska.debian.org
Mon Jun 8 19:14:55 UTC 2015 

This is an automated email from the git hooks/post-receive script.

rfrancoise pushed a commit to branch strongswan-wheezy-backports
in repository strongswan.

commit a76f78291799d412d25fce9545ef0faadcd1ec17
Merge: e8a983e 1ff457f
Author: Romain Francoise <rfrancoise at debian.org>
Date:   Mon Jun 8 20:57:52 2015 +0200

    Merge tag 'v5.2.1-6+deb8u1' into strongswan-wheezy-backports
    
    Tag strongSwan 5.2.1-6+deb8u1
    
    * tag 'v5.2.1-6+deb8u1':
      upload to security-master/jessie-security
      Fix CVE-2015-4171
      Fix handling of ipsec name under systemd (#781209)

 debian/changelog                                   |  19 ++++
 debian/patches/03_systemd-service.patch            |   4 +-
 .../CVE-2015-4171_enforce_remote_auth.patch        | 102 +++++++++++++++++++++
 debian/patches/series                              |   1 +
 debian/strongswan-starter.links                    |   1 +
 5 files changed, 124 insertions(+), 3 deletions(-)

diff --cc debian/changelog
index a6a7594,5e8f26d..7333bb4
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,22 +1,28 @@@
+ strongswan (5.2.1-6+deb8u1) jessie-security; urgency=high
+ 
+   * debian/patches:
+     - CVE-2015-4171_enforce_remote_auth added, fix potential leak of
+     authentication credential to rogue server when using PSK or EAP. This is
+     CVE-2015-4171.
+ 
+  -- Yves-Alexis Perez <corsac at debian.org>  Thu, 04 Jun 2015 19:24:59 +0200
+ 
+ strongswan (5.2.1-6) unstable; urgency=medium
+ 
+   * Ship /lib/systemd/system/ipsec.service as a symlink to
+     strongswan.service in strongswan-starter instead of using Alias= in
+     the service file. This makes the ipsec name available to invoke-rc.d
+     before the service gets actually enabled, which avoids some confusion
+     (closes: #781209).
+ 
+  -- Romain Francoise <rfrancoise at debian.org>  Sat, 04 Apr 2015 17:55:38 +0200
+ 
 +strongswan (5.2.1-5~bpo70+1) wheezy-backports; urgency=medium
 +
 +  * Rebuild for wheezy-backports.
 +
 + -- Romain Francoise <rfrancoise at debian.org>  Mon, 05 Jan 2015 22:33:17 +0100
 +
  strongswan (5.2.1-5) unstable; urgency=high
  
    * debian/patches:

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-swan/strongswan.git

More information about the Pkg-swan-devel mailing list