Back to freeswan PTS page

Accepted freeswan 1.99-3 (i386 source all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted freeswan 1.99-3 (i386 source all)
From: Rene Mayrhofer <rene@mayrhofer.eu.org>
Date: Fri, 28 Feb 2003 09:32:29 -0500
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E18olYr-0005o3-00@auric.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <katie@auric.debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 16 Feb 2003 21:17:08 +0100
Source: freeswan
Binary: kernel-patch-freeswan kernel-patch-freeswan-ext freeswan
Architecture: source i386 all
Version: 1.99-3
Distribution: unstable
Urgency: low
Maintainer: Rene Mayrhofer <rmayr@debian.org>
Changed-By: Rene Mayrhofer <rene@mayrhofer.eu.org>
Description: 
 freeswan   - IPSEC utilities for FreeSWan
 kernel-patch-freeswan - IPSEC kernel support for FreeSwan
 kernel-patch-freeswan-ext - IPSEC kernel support for FreeSwan + modular extensions
Closes: 115737 127236 133752 134650 135068 139024 139857 141059 143311 143362 148364 151064 167508 167730 168673 171491 173682 179756
Changes: 
 freeswan (1.99-3) unstable; urgency=low
 .
   This is the "maintainer isn't dead and is sometimes even reading bug
   reports" release. Besides introducing a few new, hopefully helpful patches,
   it fixes quite some bug reports (and yes, even some of the long-standing
   ones).
   * Updated the X.509 patch, which should now include a pretty stable version
     of the protocol and port selector.
   * Updated the NAT traversal patch and made it apply (i.e. resolve conflicts
     with the updated X.509 patch).
   * Added the single-DES patch to allow selection of single-DES as "cipher".
     [*ducks* Please don't kill me for that. I know that it's inherently
     insecure and thus I don't give any hint in any README file that this
     is available. But some may need it for interoperability with broken
     IPSec routers.]
     However, this patch is currently not applied, only contained in the source
     package. It does not apply cleanly with the other patches and I have to
     figure out if it works if I manually apply it (I also do this for other
     patches, but the other ones seem to have no problems other than
     syntactical ones). If anybody wants to play with it, just download the
     source, rename the .disabled file in debian/pre-build-patches/ to .diff
     and recompile.
   * Added the %any %any shared secrets patch. If anybody needs road warrior
     support with shared secrets, this will enable it (and should do not harm
     otherwise).
     Please note that the last patch only affects pluto, not the kernel code
     Thus it should not be able to break your system in any way, just make
     pluto a bit more flexible.
     This patch is also currently not applied, for the same reason as the
     single-DES patch isn't.
   * Removed that bogus comment at the end of ipsec.secrets when
     inserting a private key reference.
   * Moved the example configurations from ext-patches to crypto-ext-patches.
   * Finally deal with the start order with NFS: let the user choose if
     /usr is mounted via NFS or not (and start as early as possible by
     default, i.e. directly after the network has been set up).
     While on the way, also let the user choose if it should start after
     PCMCIA.
     Closes: #134650: freeswan: starts too late on NIS/NFS clients
     Closes: #143362: Freeswan init script should start after pcmcia
     Closes: #151064: freeswan: FreeSWan starts too early when using local DNS
                      lookups
   * Change the logcheck ignore patterns to match current syslog messages.
     Closes: #168673: Change templates for logcheck
   * Insert the contents of the plain RSA key instead of the temporary
     filename into ipsec.secrets .....
     Closes: #167730: freeswan: Do not generate ipsec.secret
     Closes: #167508: freeswan: plain keypairs do not go into /etc/ipsec.secrets
                      correctly
   * Also check for the existance of the automatically generated X.509
     certificate and key files before overwriting them.
     Closes: #171491: freeswan: x509 certificate recreated upon upgrade
   * Use empty strings for empty fields in the debconf questions instead of
     dots.
     Closes: #143311: freeswan: empty x509 settings should not require dots
   * Changed the example for the X.509 state field (ST) in the debconf template.
     Closes: #148364: freeswan: bogus ST in X.509 DN example
   * I didn't hear anything back from the bug reporter and don't have any
     access to a Sparc machine. Thus, I am now closing this bug, which should
     have gone away with the new upstream version.
     Closes: #173682: kernel-patch-freeswan: freeswan compilation and
                      ioctl() error on sparc64
   * Ok, I finally removed gawk completely (i.e. --purge) from my system
     and tried freeswan. As I could not notice any problems and Angus Lees
     also reported that it worked successfully, I am now closing this bug.
     I know that the upstream docs say that gawk is needed, but I can't see
     a reason for this at the moment. If the bug persists, then please send
     me the full error messages (bug reporter did not respond to Angus Lees's
     request to post the error message to the BTS).
     Closes: #179756: Freeswan: Gawk (again) is missing from dependencies
 .
   * Finally acknowledging these bugs that have been fixed in previous NMUs.
     Closes: #133752: kernel-patch-freeswan: unpatch/freeswan remove empty
                      files
     Closes: #139024: freeswan: wrong logcheck rule filters ALL "unusual"
                      syslog messages
     Closes: #141059: kernel-patch-freeswan: link error with freeswan 1.64
                      and 2.4.18 kernel
     Closes: #127236: freeswan: FTBFS with gcc 3.0 (hppe/unstable)
     Closes: #135068: [Bugs] FreeS/WAN on hppa
     Closes: #139857: Undeclared dependency on gawk
     Closes: #115737: freeswan: bashism in /usr/lib/ipsec/_plutorun
Files: 
 922dfd4e3964dc9311b8a48a5aee2dec 687 net optional freeswan_1.99-3.dsc
 b37126ab12f080af53419dd3e12338c0 460443 net optional freeswan_1.99-3.diff.gz
 2a6f147d8efbab21f2b98d5ed6099f94 620616 net optional kernel-patch-freeswan_1.99-3_all.deb
 5675b04fd2ad845597c786427e8de708 832208 net optional kernel-patch-freeswan-ext_1.99-3_all.deb
 c1ad91d2a0e5c5d8c57426d98a250886 1806686 net optional freeswan_1.99-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iEYEARECAAYFAj5ZTB4ACgkQq7SPDcPCS95SMgCg7syrRUJwW6OYUPLFrS5BDDjy
eTsAoJ/EeeS08QchkgjaEm/zevLfpc5k
=F9Gb
-----END PGP SIGNATURE-----


Accepted:
freeswan_1.99-3.diff.gz
  to pool/main/f/freeswan/freeswan_1.99-3.diff.gz
freeswan_1.99-3.dsc
  to pool/main/f/freeswan/freeswan_1.99-3.dsc
freeswan_1.99-3_i386.deb
  to pool/main/f/freeswan/freeswan_1.99-3_i386.deb
kernel-patch-freeswan-ext_1.99-3_all.deb
  to pool/main/f/freeswan/kernel-patch-freeswan-ext_1.99-3_all.deb
kernel-patch-freeswan_1.99-3_all.deb
  to pool/main/f/freeswan/kernel-patch-freeswan_1.99-3_all.deb


-- 
To UNSUBSCRIBE, email to debian-devel-changes-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org