SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for strongswan-libipsec-5.4.0-2.fc22.i686.rpm :
Wed Jun 22 14:00:00 2016 Pavel Šimerda
- Enable IKEv2 GCM (requires gcrypt module as well) - merged from f22 by Paul Wouters

Wed Jun 22 14:00:00 2016 Pavel Šimerda - 5.4.0-1
- New version 5.4.0

Thu Mar 3 13:00:00 2016 Pavel Šimerda - 5.3.5-1
- New version 5.3.5

Fri Feb 5 13:00:00 2016 Fedora Release Engineering - 5.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

Fri Jan 15 13:00:00 2016 Paul Wouters - 5.3.3-2
- Enable IKEv2 GCM (requires gcrypt module as well)

Tue Sep 29 14:00:00 2015 Pavel Šimerda - 5.3.3-1
- new version 5.3.3

Thu Sep 24 14:00:00 2015 Pavel Šimerda - 5.3.2-3
- Resolves: #1264598 - strongswan: many configuration files are not protected

Fri Jun 19 14:00:00 2015 Fedora Release Engineering - 5.3.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

Tue Jun 9 14:00:00 2015 Pavel Šimerda
- new version 5.3.2

Fri Jun 5 14:00:00 2015 Pavel Šimerda - 5.3.1-1
- new version 5.3.1

Tue Mar 31 14:00:00 2015 Pavel Šimerda - 5.3.0-1
- new version 5.3.0

Fri Feb 20 13:00:00 2015 Avesh Agarwal - 5.2.2-2
- Fixes strongswan swanctl service issue rhbz#1193106

Tue Jan 6 13:00:00 2015 Pavel Šimerda - 5.2.2-1
- new version 5.2.2

Thu Dec 18 13:00:00 2014 Avesh Agarwal - 5.2.2-0.2.dr1
- Enabled ccm, and ctr plugins as it seems enabling just openssl does
not work for using ccm and ctr algos.

Mon Dec 8 13:00:00 2014 Avesh Agarwal - 5.2.2-0.1.dr1
- New strongswan developer release 5.2.2dr1

Mon Nov 24 13:00:00 2014 Avesh Agarwal - 5.2.1-2
- 1167331: Enabled native systemd support.
- Does not disable old systemd, starter, ipsec.conf support yet.

Thu Oct 30 13:00:00 2014 Avesh Agarwal - 5.2.1-1
- New upstream release 5.2.1

Thu Oct 16 14:00:00 2014 Avesh Agarwal - 5.2.1-0.2.rc1
- New upstream release candidate 5.2.1rc1

Fri Oct 10 14:00:00 2014 Pavel Šimerda - 5.2.1-1
- new version 5.2.1dr1

Thu Sep 25 14:00:00 2014 Pavel Šimerda - 5.2.0-7
- use upstream patch for json/json-c dependency

Thu Sep 25 14:00:00 2014 Pavel Šimerda - 5.2.0-6
- Resolves: #1146145 - Strongswan is compiled without xauth-noauth plugin

Mon Aug 18 14:00:00 2014 Fedora Release Engineering - 5.2.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

Tue Aug 5 14:00:00 2014 Pavel Šimerda - 5.2.0-4
- Resolves: #1081804 - enable Kernel IPSec support

Wed Jul 30 14:00:00 2014 Pavel Šimerda - 5.2.0-3
- rebuilt

Tue Jul 29 14:00:00 2014 Pavel Šimerda - 5.2.0-2
- fix json-c dependency

Tue Jul 15 14:00:00 2014 Avesh Agarwal - 5.2.0-1
- New upstream release 5.2.0
- The Attestation IMC/IMV pair supports the IMA-NG
measurement format
- Aikgen tool to generate an Attestation Identity Key bound
to a TPM
- Swanctl tool to provide a portable, complete IKE
configuration and control interface for the command
line using vici interface with libvici library
- PT-EAP transport protocol (RFC 7171) for TNC
- Enabled support for acert for checking X509 attribute certificate
- Updated patches, removed selinux patch as upstream has fixed it
in this release.
- Updated spec file with minor cleanups

Thu Jun 26 14:00:00 2014 Pavel Šimerda - 5.2.0-0.4.dr6
- improve prerelease macro

Thu Jun 26 14:00:00 2014 Pavel Šimerda - 5.2.0-0.3
- Resolves: #1111895 - bump to 5.2.0dr6

Thu Jun 12 14:00:00 2014 Pavel Šimerda - 5.2.0-0.2
- Related: #1087437 - remove or upstream all patches not specific to fedora/epel

Thu Jun 12 14:00:00 2014 Pavel Šimerda - 5.2.0-0.1.dr5
- fix the pre-release version according to guidelines before it gets branched

Fri Jun 6 14:00:00 2014 Pavel Šimerda - 5.2.0dr5-1
- new version 5.2.0dr5
- add json-c-devel to build deps

Mon May 26 14:00:00 2014 Pavel Šimerda - 5.2.0dr4-3
- merge two related patches

Mon May 26 14:00:00 2014 Pavel Šimerda - 5.2.0dr4-2
- clean up the patches a bit

Thu May 22 14:00:00 2014 Avesh Agarwal - 5.2.0dr4-1
- New upstream developer release 5.2.0dr4
- Attestation IMV/IMC supports IMA-NG measurement format now
- Aikgen tool to generate an Attestation Identity Key bound
to a TPM
- PT-EAP transport protocol (RFC 7171) for TNC
- vici plugin provides IKE Configuration Interface for charon
- Enabled support for acert for checking X509 attribute certificate
- Updated patches
- Updated spec file with minor cleanups

Tue Apr 15 14:00:00 2014 Pavel Šimerda - 5.1.3-1
- new version 5.1.3

Mon Apr 14 14:00:00 2014 Pavel Šimerda - 5.1.3rc1-1
- new version 5.1.3rc1

Mon Mar 24 13:00:00 2014 Pavel Šimerda - 5.1.2-4
- #1069928 - updated libexec patch.

Tue Mar 18 13:00:00 2014 Pavel Šimerda - 5.1.2-3
- fixed el6 initscript
- fixed pki directory location

Fri Mar 14 13:00:00 2014 Pavel Šimerda - 5.1.2-2
- clean up the specfile a bit
- replace the initscript patch with an individual initscript
- patch to build for epel6

Mon Mar 3 13:00:00 2014 Pavel Šimerda - 5.1.2-1
- #1071353 - bump to 5.1.2
- #1071338 - strongswan is compiled without xauth-pam plugin
- remove obsolete patches
- sent all patches upstream
- added comments to all patches
- don\'t touch the config with sed

Thu Feb 20 13:00:00 2014 Avesh Agarwal - 5.1.1-6
- Fixed full hardening for strongswan (full relro and PIE).
The previous macros had a typo and did not work
(see bz#1067119).
- Fixed tnc package description to reflect the current state of
the package.
- Fixed pki binary and moved it to /usr/libexece/strongswan as
others binaries are there too.

Wed Feb 19 13:00:00 2014 Pavel Šimerda - 5.1.1-5
- #903638 - SELinux is preventing /usr/sbin/xtables-multi from \'read\' accesses on the chr_file /dev/random

Thu Jan 9 13:00:00 2014 Pavel Šimerda - 5.1.1-4
- Removed redundant patches and
*.spec commands caused by branch merging

Wed Jan 8 13:00:00 2014 Pavel Šimerda - 5.1.1-3
- rebuilt

Mon Dec 2 13:00:00 2013 Avesh Agarwal - 5.1.1-2
- Resolves: 973315
- Resolves: 1036844

Fri Nov 1 13:00:00 2013 Avesh Agarwal - 5.1.1-1
- Support for PT-TLS (RFC 6876)
- Support for SWID IMC/IMV
- Support for command line IKE client charon-cmd
- Changed location of pki to /usr/bin
- Added swid tags files
- Added man pages for pki and charon-cmd
- Renamed pki to strongswan-pki to avoid conflict with
pki-core/pki-tools package.
- Update local patches
- Fixes CVE-2013-6075
- Fixes CVE-2013-6076
- Fixed autoconf/automake issue as configure.ac got changed
and it required running autoreconf during the build process.
- added strongswan signature file to the sources.

Thu Sep 12 14:00:00 2013 Avesh Agarwal - 5.1.0-3
- Fixed initialization crash of IMV and IMC particularly
attestation imv/imc as libstrongswas was not getting
initialized.

Fri Aug 30 14:00:00 2013 Avesh Agarwal - 5.1.0-2
- Enabled fips support
- Enabled TNC\'s ifmap support
- Enabled TNC\'s pdp support
- Fixed hardocded package name in this spec file

Wed Aug 7 14:00:00 2013 Avesh Agarwal - 5.1.0-1
- rhbz#981429: New upstream release
- Fixes CVE-2013-5018: rhbz#991216, rhbz#991215
- Fixes rhbz#991859 failed to build in rawhide
- Updated local patches and removed which are not needed
- Fixed errors around charon-nm
- Added plugins libstrongswan-pkcs12.so, libstrongswan-rc2.so,
libstrongswan-sshkey.so
- Added utility imv_policy_manager

Thu Jul 25 14:00:00 2013 Jamie Nguyen - 5.0.4-5
- rename strongswan-NetworkManager to strongswan-charon-nm
- fix enable_nm macro

Mon Jul 15 14:00:00 2013 Jamie Nguyen - 5.0.4-4
- %files tries to package some of the shared objects as directories (#984437)
- fix broken systemd unit file (#984300)
- fix rpmlint error: description-line-too-long
- fix rpmlint error: macro-in-comment
- fix rpmlint error: spelling-error Summary(en_US) fuctionality
- depend on \'systemd\' instead of \'systemd-units\'
- use new systemd scriptlet macros
- NetworkManager subpackage should have a copy of the license (#984490)
- enable hardened_build as this package meets the PIE criteria (#984429)
- invocation of \"ipsec _updown iptables\" is broken as ipsec is renamed
to strongswan in this package (#948306)
- invocation of \"ipsec scepclient\" is broken as ipsec is renamed
to strongswan in this package
- add /etc/strongswan/ipsec.d and missing subdirectories
- conditionalize building of strongswan-NetworkManager subpackage as the
version of NetworkManager in EL6 is too old (#984497)

Fri Jun 28 14:00:00 2013 Avesh Agarwal - 5.0.4-3
- Patch to fix a major crash issue when Freeradius loads
attestatiom-imv and does not initialize libstrongswan which
causes crash due to calls to PTS algorithms probing APIs.
So this patch fixes the order of initialization. This issues
does not occur with charon because libstrongswan gets
initialized earlier.
- Patch that allows to outputs errors when there are permission
issues when accessing strongswan.conf.
- Patch to make loading of modules configurable when libimcv
is used in stand alone mode without charon with freeradius
and wpa_supplicant.

Tue Jun 11 14:00:00 2013 Avesh Agarwal - 5.0.4-2
- Enabled TNCCS 1.1 protocol
- Fixed libxm2-devel build dependency
- Patch to fix the issue with loading of plugins

Wed May 1 14:00:00 2013 Avesh Agarwal - 5.0.4-1
- New upstream release
- Fixes for CVE-2013-2944
- Enabled support for OS IMV/IMC
- Created and applied a patch to disable ECP in fedora, because
Openssl in Fedora does not allow ECP_256 and ECP_384. It makes
it non-compliant to TCG\'s PTS standard, but there is no choice
right now. see redhat bz # 319901.
- Enabled Trousers support for TPM based operations.

Sat Apr 20 14:00:00 2013 Pavel Šimerda - 5.0.3-2
- Rebuilt for a single specfile for rawhide/f19/f18/el6

Fri Apr 19 14:00:00 2013 Avesh Agarwal - 5.0.3-1
- New upstream release
- Enabled curl and eap-identity plugins
- Enabled support for eap-radius plugin.

Thu Apr 18 14:00:00 2013 Pavel Šimerda - 5.0.2-3
- Add gettext-devel to BuildRequires because of epel6
- Remove unnecessary comments

Tue Mar 19 13:00:00 2013 Avesh Agarwal - 5.0.2-2
- Enabled support for eap-radius plugin.

Mon Mar 11 13:00:00 2013 Avesh Agarwal - 5.0.2-1
- Update to upstream release 5.0.2
- Created sub package strongswan-tnc-imcvs that provides trusted network
connect\'s IMC and IMV funtionality. Specifically it includes PTS
based IMC/IMV for TPM based remote attestation and scanner and test
IMCs and IMVs. The Strongswan\'s IMC/IMV dynamic libraries can be used
by any third party TNC Client/Server implementation possessing a
standard IF-IMC/IMV interface.

Fri Feb 15 13:00:00 2013 Fedora Release Engineering - 5.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

Thu Oct 4 14:00:00 2012 Pavel Šimerda - 5.0.1-1
- Update to release 5.0.1

Thu Oct 4 14:00:00 2012 Pavel Šimerda - 5.0.0-4.git20120619
- Add plugins to interoperate with Windows 7 and Android (#862472)
(contributed by Haim Gelfenbeyn)

Sat Jul 21 14:00:00 2012 Fedora Release Engineering - 5.0.0-3.git20120619
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

Sun Jul 8 14:00:00 2012 Pavel Šimerda - 5.0.0-2.git20120619
- Fix configure substitutions in initscripts

Wed Jul 4 14:00:00 2012 Pavel Šimerda - 5.0.0-1.git20120619
- Update to current upstream release
- Comment out all stuff that is only needed for git builds
- Remove renaming patch from git
- Improve init patch used for EPEL

Thu Jun 21 14:00:00 2012 Pavel Šimerda - 5.0.0-0.3.git20120619
- Build with openssl plugin enabled

Wed Jun 20 14:00:00 2012 Pavel Šimerda - 5.0.0-0.2.git20120619
- Add README.Fedora with link to 4.6 to 5.0 migration information

Tue Jun 19 14:00:00 2012 Pavel Šimerda - 5.0.0-0.1.git20120619
- Snapshot of upcoming major release
- Move patches and renaming upstream
http://wiki.strongswan.org/issues/194
http://wiki.strongswan.org/issues/195
- Notified upstream about manpage issues

Tue Jun 19 14:00:00 2012 Pavel Šimerda - 4.6.4-2
- Make initscript patch more distro-neutral
- Add links to bugreports for patches

Fri Jun 1 14:00:00 2012 Pavel Šimerda - 4.6.4-1
- New upstream version (CVE-2012-2388)

Sat May 26 14:00:00 2012 Pavel Šimerda - 4.6.3-2
- Add --enable-nm to configure
- Add NetworkManager-devel to BuildRequires
- Add NetworkManager-glib-devel to BuildRequires
- Add strongswan-NetworkManager package

Sat May 26 14:00:00 2012 Pavel Šimerda - 4.6.3-1
- New version of Strongswan
- Support for RFC 3110 DNSKEY (see upstream changelog)
- Fix corrupt scriptlets

Fri Mar 30 14:00:00 2012 Pavel Šimerda - 4.6.2-2
- #808612 - strongswan binary renaming side-effect

Sun Feb 26 13:00:00 2012 Pavel Šimerda - 4.6.2-1
- New upstream version
- Changed from .tar.gz to .tar.bz2
- Added libstrongswan-pkcs8.so

Wed Feb 15 13:00:00 2012 Pavel Šimerda - 4.6.1-8
- Fix initscript\'s status function

Wed Feb 15 13:00:00 2012 Pavel Šimerda - 4.6.1-7
- Expand tabs in config files for better readability
- Add sysvinit script for epel6

Wed Feb 15 13:00:00 2012 Pavel Šimerda - 4.6.1-6
- Fix program name in systemd unit file

Tue Feb 14 13:00:00 2012 Pavel Šimerda - 4.6.1-5
- Improve fedora/epel conditionals

Sat Jan 21 13:00:00 2012 Pavel Šimerda - 4.6.1-4
- Protect configuration directory from ordinary users
- Add still missing directory /etc/strongswan

Fri Jan 20 13:00:00 2012 Pavel Šimerda - 4.6.1-3
- Change directory structure to avoid clashes with Openswan
- Prefixed all manpages with \'strongswan_\'
- Every file now includes \'strongswan\' somewhere in its path
- Removed conflict with Openswan
- Finally fix permissions on strongswan.conf

Fri Jan 20 13:00:00 2012 Pavel Šimerda - 4.6.1-2
- Change license tag from GPL to GPLv2+
- Change permissions on /etc/strongswan.conf to 644
- Rename ipsec.8 manpage to strongswan.8
- Fix empty scriptlets for non-fedora builds
- Add ldconfig scriptlet
- Add missing directories and files

Sun Jan 1 13:00:00 2012 Pavel Šimerda - Bump to version 4.6.1

Sun Jan 1 13:00:00 2012 Pavel Šimerda - Add systemd scriptlets
- Add conditions to also support EPEL6

Sat Dec 10 13:00:00 2011 Pavel Šimerda - 4.6.0-2
- Experimental build for development


 
ICM