Change log for ipsec-tools package in Ubuntu

167 of 67 results
Deleted in eoan-release (Reason: (From Debian) ROM; dead upstream, alternatives available;...)
Published in disco-release on 2018-10-30
Published in cosmic-release on 2018-08-22
Deleted in cosmic-proposed (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-12) unstable; urgency=medium

  * Increase stack-based sprintf buffer sizes (Closes: #906473)
  * Update Maintainer email address
  * Bump Standards-Version to 4.2.0

 -- Chris Hofstaedtler <email address hidden>  Sat, 18 Aug 2018 17:18:30 +0000
Superseded in cosmic-release on 2018-08-22
Deleted in cosmic-proposed on 2018-08-23 (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-11) unstable; urgency=medium

  * Add support for OpenSSL 1.1. (Closes: 858930)
  * Add support for Flex 2.6.4-6 (Closes: 892831)
  * Set Priority: optional per policy 4.0.1

 -- Noah Meyerhans <email address hidden>  Fri, 29 Jun 2018 17:08:05 -0700
Superseded in cosmic-release on 2018-06-30
Published in bionic-release on 2018-02-20
Deleted in bionic-proposed (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-10build1) bionic; urgency=medium

  * No-change rebuild to pick up the shared flex library.

 -- Matthias Klose <email address hidden>  Tue, 20 Feb 2018 07:01:59 +0000
Superseded in bionic-release on 2018-02-20
Published in artful-release on 2017-08-29
Deleted in artful-proposed (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-10) unstable; urgency=medium

  * Correct some memory management errors leading to compilation failure due to
    failed format-truncation gcc checks. (Closes: 853457)

 -- Noah Meyerhans <email address hidden>  Thu, 24 Aug 2017 21:51:40 -0700
Superseded in artful-release on 2017-08-29
Deleted in artful-proposed on 2017-08-30 (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-9) unstable; urgency=medium

  * Import NetBSD's patch to address CVE-2016-10396 (Closes: #867986)
  * Update to debhelper compat level 10
  * Update to policy 4.0 compliance.

 -- Noah Meyerhans <email address hidden>  Wed, 26 Jul 2017 22:56:33 -0700
Superseded in artful-release on 2017-07-28
Obsolete in zesty-release on 2018-06-22
Deleted in zesty-proposed on 2018-06-22 (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-8) unstable; urgency=medium

  * Depend on libfl-dev to follow flex changes (Closes: #846430)

 -- Christian Hofstaedtler <email address hidden>  Thu, 01 Dec 2016 09:49:16 +0000
Superseded in zesty-release on 2016-12-01
Deleted in zesty-proposed on 2016-12-03 (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-7) unstable; urgency=medium

  * Build against libssl1.0-dev for stretch. (Closes: #828354)
    Patch from Adrian Bunk <email address hidden>, thanks.

 -- Christian Hofstaedtler <email address hidden>  Sat, 12 Nov 2016 20:08:35 +0000
Published in trusty-updates on 2016-09-01
Published in trusty-security on 2016-09-01
ipsec-tools (1:0.8.0-14+deb7u1ubuntu0.1) trusty-security; urgency=medium

  * Security merge from Debian.

Superseded in zesty-release on 2016-11-14
Obsolete in yakkety-release on 2018-01-23
Deleted in yakkety-proposed on 2018-01-23 (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-6) unstable; urgency=medium

  [ Felipe Sateler ]
  * Add systemd unit for setkey (Closes: #796619)

  [ Christian Hofstaedtler ]
  * Bump Standards-Version to 3.9.8 (no changes needed)

 -- Christian Hofstaedtler <email address hidden>  Wed, 15 Jun 2016 07:48:10 +0000
Superseded in yakkety-release on 2016-06-16
Published in xenial-release on 2016-01-17
Deleted in xenial-proposed (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-5) unstable; urgency=medium

  * Fix FTBFS with glibc 2.21 due to _BSD_SOURCE being deprecated and the
    build system treating all warnings as errors. (Closes: #790244)

 -- Christian Hofstaedtler <email address hidden>  Sun, 17 Jan 2016 08:57:49 +0000
Superseded in xenial-release on 2016-01-17
Obsolete in wily-release on 2018-01-22
Deleted in wily-proposed on 2018-01-22 (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-4) unstable; urgency=medium

  * Fix FTBFS with gcc 5 due to unspecified parameter type in xauth_reply,
    src/racoon/isakmp_xauth.c (Closes: 777918)

 -- Noah Meyerhans <email address hidden>  Fri, 26 Jun 2015 09:38:42 -0700
Obsolete in vivid-updates on 2018-01-18
Obsolete in vivid-security on 2018-01-18
ipsec-tools (1:0.8.2+20140711-2+deb8u1build0.15.04.1) vivid-security; urgency=medium

  * fake sync from Debian

Published in precise-updates on 2015-06-01
Published in precise-security on 2015-06-01
ipsec-tools (1:0.8.0-9ubuntu1.1) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via racoon null dereference
    - debian/patches/CVE-2015-4047.patch: check iph1->rmconf in
      src/racoon/gssapi.c.
    - CVE-2015-4047

 -- Marc Deslauriers <email address hidden>  Mon, 25 May 2015 11:47:57 -0400
Superseded in wily-release on 2015-06-27
Deleted in wily-proposed on 2015-06-28 (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-3) unstable; urgency=medium

  * Fix null pointer dereference leading to a possible crash and
    denial of service attack. (Closes: 785778)

 -- Noah Meyerhans <email address hidden>  Wed, 20 May 2015 10:46:55 -0700
Superseded in wily-release on 2015-05-24
Obsolete in vivid-release on 2018-01-18
Deleted in vivid-proposed on 2018-01-19 (Reason: moved to release)
ipsec-tools (1:0.8.2+20140711-2) unstable; urgency=low


  * Stop using hardening-wrapper
  * Import patch for checkpoint xauth. (Closes: 650176)
  * Bump standards version to 3.9.6 (no changes)

 -- Noah Meyerhans <email address hidden>  Mon, 13 Oct 2014 22:55:01 -0700
Superseded in vivid-release on 2014-11-16
Obsolete in utopic-release on 2016-11-03
Published in trusty-release on 2014-04-14
Superseded in trusty-release on 2014-04-14
Deleted in trusty-proposed (Reason: moved to release)
ipsec-tools (1:0.8.0-14ubuntu4) trusty; urgency=medium

  * Update aclocal.m4 and configure for ppc64el.
 -- Matthias Klose <email address hidden>   Sun, 22 Dec 2013 18:38:26 +0100
Superseded in trusty-release on 2013-12-22
Obsolete in saucy-release on 2015-04-24
Deleted in saucy-proposed on 2015-04-28 (Reason: moved to release)
ipsec-tools (1:0.8.0-14ubuntu3) saucy; urgency=low

  * Update config.{guess,sub} for AArch64.
 -- Matthias Klose <email address hidden>   Wed, 09 Oct 2013 21:38:28 +0200
Superseded in saucy-release on 2013-10-09
Obsolete in raring-release on 2015-04-24
Deleted in raring-proposed on 2015-04-27 (Reason: moved to release)
ipsec-tools (1:0.8.0-14ubuntu2) raring; urgency=low

  * Fix build failure with GCC 4.8.
 -- Matthias Klose <email address hidden>   Tue, 26 Feb 2013 10:00:37 +0100
Superseded in raring-release on 2013-02-26
Deleted in raring-proposed on 2013-02-28 (Reason: moved to release)
ipsec-tools (1:0.8.0-14ubuntu1) raring; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Depend on lsb-base.
  * Make racoon depend on lsb-base too.

Superseded in raring-release on 2012-12-03
Obsolete in quantal-release on 2015-04-24
ipsec-tools (1:0.8.0-9ubuntu2) quantal; urgency=low

  * Rebuild for new armel compiler default of ARMv5t.
 -- Colin Watson <email address hidden>   Wed, 03 Oct 2012 09:27:21 +0100
Obsolete in lucid-updates on 2016-10-26
Deleted in lucid-proposed on 2016-11-01 (Reason: moved to -updates)
ipsec-tools (1:0.7.1-1.6ubuntu1.1) lucid-proposed; urgency=low

  * src/racoon/handler.c: fix phase 2 negotiation (LP: #947309).
    - Patch from upstream CVS revisions 1.31 and 1.32.
    - Fixes Vista and Windows 7 client support.
 -- Robie Basak <email address hidden>   Fri, 09 Mar 2012 19:01:04 +0000
Obsolete in oneiric-updates on 2015-04-24
Deleted in oneiric-proposed on 2015-04-26 (Reason: moved to -updates)
ipsec-tools (1:0.8.0-3ubuntu1.1) oneiric-proposed; urgency=low

  * debian/racoon-tool.pl: Backport a fix to correctly determine module
    extension for 3.x kernels. (LP: #877891)
 -- Adam Gandelman <email address hidden>   Tue, 25 Oct 2011 11:12:16 -0700
Superseded in quantal-release on 2012-10-03
Published in precise-release on 2011-10-25
ipsec-tools (1:0.8.0-9ubuntu1) precise; urgency=low

  * Merge from Debian unstable (LP: #881097). Remaining changes:
     - debian/control: Depend on lsb-base
     - debian/rules: switch -U_FORTIFY_SOURCE for -D_FORTIFY_SOURCE=0
  * Dropped changes:
     - Modify configure.ac to not convert -RXYZ to -Wl,-RXYZ, and regenerate
       configure (Applied in debian via configure-pass-Wl-with-R.patch)
     - debian/{racoon.init, ipsec-tools.setkey.init}: Re-write LSB init script
       (Fixed in Debian)

Superseded in precise-release on 2011-10-25
Obsolete in oneiric-release on 2015-04-24
ipsec-tools (1:0.8.0-3ubuntu1) oneiric; urgency=low

  * Merge from debian unstable (LP: #787114), remaining changes:
    - debian/control: Depend on lsb-base
  * Dropped patches, applied upstream:
    - debian/patches/fix-address-already-in-use.patch
    - fix-several-formating-errors-in-setkey-manpage.patch
  * debian/rules: switch -U_FORTIFY_SOURCE for -D_FORTIFY_SOURCE=0, bc the
    latter breaks in oneiric, claiming _FORTIFY_SOURCE is redefined.
  * Modify configure.ac to not convert -RXYZ to -Wl,-RXYZ, and regenerate
    configure.
  * debian/ipsec-tools.setkey.init: Re-write LSB init script
  * debian/racoon.init: LSB init script

Superseded in oneiric-release on 2011-06-08
Obsolete in natty-release on 2013-06-04
ipsec-tools (1:0.7.3-12ubuntu1) natty; urgency=low

  [ Lorenzo De Liso ]
  * Merge from debian unstable (LP: #681427), remaining changes:
    - debian/control: Depend on lsb-base
    - debian/ipsec-tools.setket.init: LSB init script.
    - debian/patches/fix-address-already-in-use.patch: Fix address already
      in use. (LP: #332606)
  * Dropped changes:
    - debian/{control,rules}: add and enable hardening build for PIE
      (Debian bug 542731): fixed in debian
    - src/racoon/ipsec_doi.c: Patched to fix segfault when using
      ipv6 addresses in sainfo section of racoon.conf. Thanks to
      Fredrik Ljunggren. (LP: #374185): fixed upstream

  [ Alessio Treglia ]
  * Refresh Lorenzo's patch in order to make it apply cleanly,
    add patch header as per DEP-3 spec.
  * Refresh fix-several-formating-errors-in-setkey-manpage.patch.

Superseded in natty-release on 2010-11-26
Obsolete in maverick-release on 2013-03-05
ipsec-tools (1:0.7.3-8ubuntu1) maverick; urgency=low

  * Merge from debian/unstable:
    + debian/control:
      - Set Ubuntu maintainer address
      - Depend on lsb-base
    + debian/ipsec-tools.setket.init: LSB init script.
    + debian/{control,rules}: add and enable hardening build for PIE
      (Debian bug 542731)
    + src/racoon/ipsec_doi.c: Patched to fix segfault when using
      ipv6 addresses in sainfo section of racoon.conf. Thanks to
      Fredrik Ljunggren. (LP: #374185)
    + src/racoon/isakmp.c: Fix address already in use. (LP: #332606)
 -- Chuck Short <email address hidden>   Fri, 02 Jul 2010 13:06:26 -0400
Superseded in maverick-release on 2010-07-02
ipsec-tools (1:0.7.3-6ubuntu1) maverick; urgency=low

  * Merge from debian unstable.  Remaining changes:
    + debian/control:
      - Set Ubuntu maintainer address
      - Depend on lsb-base
    + debian/ipsec-tools.setket.init: LSB init script.
    + debian/{control,rules}: add and enable hardening build for PIE
      (Debian bug 542731)
    + src/racoon/ipsec_doi.c: Patched to fix segfault when using
      ipv6 addresses in sainfo section of racoon.conf. Thanks to
      Fredrik Ljunggren. (LP: #374185)
    + src/racoon/isakmp.c: Fix address already in use. (LP: #332606)

Superseded in maverick-release on 2010-05-18
Obsolete in lucid-release on 2016-10-26
ipsec-tools (1:0.7.1-1.6ubuntu1) lucid; urgency=low

  * Merge from debian testing.  Remaining changes:
    - debian/control:
      - Set Ubuntu maintainer address.
      - Depend on lsb-base
    - debian/ipsec-tools.setkey.init: LSB init script.
    - Enable build with hardened options:
      - src/setkey/setkey.c: stop scanning stdin if fgets fails.
    - debian/{control,rules}: add and enable hardened build for PIE
      (Debian bug 542731).
    - src/racoon/ipsec_doi.c: Patched to fix segfault when using
      ipv6 addresses in sainfo section of racoon.conf. Thanks to
      Fredrik Ljunggren. (LP: #374185)
    - src/racoon/isakmp.c: Fix address already in use. (LP: #332606)

Deleted in intrepid-proposed on 2010-03-04 (Reason: unverified SRU, timing out)
ipsec-tools (1:0.7-2.1ubuntu1.8.10.2) intrepid-proposed; urgency=low

  * src/racoon/ipsec_doi.c: Patched to fix segfault when using
    ipv6 addresses in sainfo section of racoon.conf. Thanks to
    Fredrik Ljunggren. (LP: #374185)
 -- Chuck Short <email address hidden>   Mon, 09 Nov 2009 09:32:28 -0500
Deleted in jaunty-proposed on 2010-04-29 (Reason: unverified SRU, timing out)
ipsec-tools (1:0.7-2.1ubuntu1.9.04.2) jaunty-proposed; urgency=low

  * src/racoon/ipsec_doi.c: Patched to fix segfault when using
    ipv6 addresses in sainfo section of racoon.conf. Thanks to
    Fredrik Ljunggren. (LP: #374185)
 -- Chuck Short <email address hidden>   Mon, 09 Nov 2009 09:26:42 -0500
Superseded in lucid-release on 2010-01-06
Obsolete in karmic-release on 2013-03-04
ipsec-tools (1:0.7.1-1.5ubuntu4) karmic; urgency=low

  * src/racoon/isakmp.c: Fix address already in use. (LP: #332606)

 -- Chuck Short <email address hidden>   Tue, 15 Sep 2009 08:39:41 -0400
Superseded in karmic-release on 2009-09-15
ipsec-tools (1:0.7.1-1.5ubuntu3) karmic; urgency=low

  * src/racoon/ipsec_doi.c: Patched to fix segfault when using
    ipv6 addresses in sainfo section of racoon.conf. Thanks to
    Fredrik Ljunggren. (LP: #374185)

 -- Chuck Short <email address hidden>   Wed, 09 Sep 2009 13:11:32 -0400
Superseded in karmic-release on 2009-09-09
ipsec-tools (1:0.7.1-1.5ubuntu2) karmic; urgency=low

  * debian/{control,rules}: add and enable hardened build for PIE
    (Debian bug 542731).

 -- Kees Cook <email address hidden>   Thu, 20 Aug 2009 17:56:30 -0700
Superseded in karmic-release on 2009-08-21
ipsec-tools (1:0.7.1-1.5ubuntu1) karmic; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/control:
      - Set Ubuntu maintainer address.
      - Depend on lsb-base.
    - debian/ipsec-tools.setkey.init: LSB init script.
    - debian/rules: build with -fno-strict-aliasing, required with gcc 4.4.
    - Enable build with hardened options:
      - src/setkey/setkey.c: stop scanning stdin if fgets fails.
  * Dropped
    - src/libipsec/policy_token.c: don't check return code of fwrite.

Superseded in karmic-release on 2009-07-24
ipsec-tools (1:0.7-2.1ubuntu3) karmic; urgency=low

  * debian/rules: build with -fno-strict-aliasing, required with gcc 4.4.

 -- Steve Langasek <email address hidden>   Tue, 21 Jul 2009 18:33:13 +0000
Superseded in karmic-release on 2009-07-21
ipsec-tools (1:0.7-2.1ubuntu2) karmic; urgency=low

  * No-change rebuild against libkrb5-3.

 -- Steve Langasek <email address hidden>   Tue, 21 Jul 2009 08:26:53 +0000
Obsolete in jaunty-updates on 2013-02-28
Obsolete in jaunty-security on 2013-02-28
ipsec-tools (1:0.7-2.1ubuntu1.9.04.1) jaunty-security; urgency=low

  * SECURITY UPDATE: denial of service via fragmented packets without a
    payload.
    - src/racoon/isakmp_frag.c: validate size of payload data.
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c.diff?r1=1.4&r2=1.4.6.1&f=h
    - CVE-2009-1574
  * SECURITY UPDATE: denial of service via multiple memory leaks.
    - src/racoon/crypto_openssl.c: call X509_free().
    - src/racoon/nattraversal.c: add new natt_keepalive_delete() function
      that also frees ka->src and ka->dst.
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c.diff?r1=1.11.6.4&r2=1.11.6.5&f=u
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c.diff?r1=1.6&r2=1.6.6.1&f=u
    - CVE-2009-1632

 -- Marc Deslauriers <email address hidden>   Thu, 04 Jun 2009 14:10:48 -0400
Obsolete in intrepid-updates on 2013-02-20
Obsolete in intrepid-security on 2013-02-20
ipsec-tools (1:0.7-2.1ubuntu1.8.10.1) intrepid-security; urgency=low

  * SECURITY UPDATE: denial of service via fragmented packets without a
    payload.
    - src/racoon/isakmp_frag.c: validate size of payload data.
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c.diff?r1=1.4&r2=1.4.6.1&f=h
    - CVE-2009-1574
  * SECURITY UPDATE: denial of service via multiple memory leaks.
    - src/racoon/crypto_openssl.c: call X509_free().
    - src/racoon/nattraversal.c: add new natt_keepalive_delete() function
      that also frees ka->src and ka->dst.
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c.diff?r1=1.11.6.4&r2=1.11.6.5&f=u
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c.diff?r1=1.6&r2=1.6.6.1&f=u
    - CVE-2009-1632

 -- Marc Deslauriers <email address hidden>   Thu, 04 Jun 2009 14:35:06 -0400
Obsolete in hardy-updates on 2015-04-24
Obsolete in hardy-security on 2015-04-24
ipsec-tools (1:0.6.7-1.1ubuntu1.2) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via fragmented packets without a
    payload.
    - src/racoon/isakmp_frag.c: validate size of payload data.
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c.diff?r1=1.4&r2=1.4.6.1&f=h
    - CVE-2009-1574
  * SECURITY UPDATE: denial of service via multiple memory leaks.
    - src/racoon/crypto_openssl.c: call X509_free().
    - src/racoon/nattraversal.c: add new natt_keepalive_delete() function
      that also frees ka->src and ka->dst.
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c.diff?r1=1.11.6.4&r2=1.11.6.5&f=u
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c.diff?r1=1.6&r2=1.6.6.1&f=u
    - CVE-2009-1632

 -- Marc Deslauriers <email address hidden>   Thu, 04 Jun 2009 14:41:34 -0400
Obsolete in dapper-updates on 2011-09-06
Obsolete in dapper-security on 2011-09-06
ipsec-tools (1:0.6.5-4ubuntu1.3) dapper-security; urgency=low

  * SECURITY UPDATE: denial of service via fragmented packets without a
    payload.
    - src/racoon/isakmp_frag.c: validate size of payload data.
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c.diff?r1=1.4&r2=1.4.6.1&f=h
    - CVE-2009-1574
  * SECURITY UPDATE: denial of service via multiple memory leaks.
    - src/racoon/crypto_openssl.c: call X509_free().
    - src/racoon/nattraversal.c: add new natt_keepalive_delete() function
      that also frees ka->src and ka->dst.
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c.diff?r1=1.11.6.4&r2=1.11.6.5&f=u
    - http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c.diff?r1=1.6&r2=1.6.6.1&f=u
    - CVE-2009-1632

 -- Marc Deslauriers <email address hidden>   Thu, 04 Jun 2009 14:46:40 -0400
Superseded in hardy-updates on 2009-06-09
Superseded in hardy-security on 2009-06-09
ipsec-tools (1:0.6.7-1.1ubuntu1.1) hardy-security; urgency=low

  * SECURITY UPDATE: memory leak can lead to denial of service.
  * src/racoon/{algorithm,ipsec_doi,isakmp,isakmp_inf,proposal}.c:
    upstream fixes, thanks to Tomas Mraz.
  * References
    CVE-2008-3651 CVE-2008-3652

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 12:09:59 -0700
Obsolete in feisty-updates on 2009-08-20
Obsolete in feisty-security on 2009-08-20
ipsec-tools (1:0.6.6-3ubuntu3.1) feisty-security; urgency=low

  * SECURITY UPDATE: memory leak can lead to denial of service.
  * src/racoon/{algorithm,ipsec_doi,isakmp,isakmp_inf,proposal}.c:
    upstream fixes, thanks to Tomas Mraz.
  * References
    CVE-2008-3651 CVE-2008-3652

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 12:11:55 -0700
Obsolete in gutsy-updates on 2011-09-16
Obsolete in gutsy-security on 2011-09-16
ipsec-tools (1:0.6.6-3.1ubuntu3.1) gutsy-security; urgency=low

  * SECURITY UPDATE: memory leak can lead to denial of service.
  * src/racoon/{algorithm,ipsec_doi,isakmp,isakmp_inf,proposal}.c:
    upstream fixes, thanks to Tomas Mraz.
  * References
    CVE-2008-3651 CVE-2008-3652

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 12:09:59 -0700
Superseded in dapper-updates on 2009-06-09
Superseded in dapper-security on 2009-06-09
ipsec-tools (1:0.6.5-4ubuntu1.2) dapper-security; urgency=low

  * SECURITY UPDATE: memory leak can lead to denial of service.
  * src/racoon/{algorithm,ipsec_doi,isakmp,isakmp_inf,proposal}.c:
    upstream fixes, thanks to Tomas Mraz.
  * References
    CVE-2008-3651 CVE-2008-3652

 -- Kees Cook <email address hidden>   Tue, 02 Sep 2008 12:12:52 -0700
Superseded in karmic-release on 2009-07-21
Obsolete in jaunty-release on 2013-02-28
Obsolete in intrepid-release on 2013-02-20
ipsec-tools (1:0.7-2.1ubuntu1) intrepid; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/control:
      - Set Ubuntu maintainer address.
      - Depend on lsb-base.
    - debian/ipsec-tools.setkey.init:
      - LSB init script.
  * Dropped:
    - debian/ipsec-tools.setkey.init:
      - restart method: stop then start.
      - Use {} instead of () in usage (bash_completion).
    - debian/racoon.init:
      - Create /var/run/racoon.
      - Use {} instead of () in usage (bash_completion).
  * Bug fixed by this merge:
      - fix XAuth with U-FQDN (LP: #234166).
  * Enable build with hardened options:
    - src/libipsec/policy_token.c: don't check return code of fwrite.
    - src/setkey/setkey.c: stop scanning stdin if fgets fails.

 -- Mathias Gug <email address hidden>   Wed, 18 Jun 2008 17:34:55 -0400
Superseded in intrepid-release on 2008-06-18
Obsolete in hardy-release on 2015-04-24
ipsec-tools (1:0.6.7-1.1ubuntu1) hardy; urgency=low

  * Merge from debian unstable, remaining changes:
    - debian/control:
      - Set Ubuntu maintainer address.
      - Depend on lsb-base.
    - debian/ipsec-tools.setkey.init:
      - LSB init script.
      - restart method: stop then start.
      - Use {} instead of () in usage (bash_completion).
    - debian/racoon.init:
      - Create /var/run/racoon.
      - Use {} instead of () in usage (bash_completion).
  * Dropped:
    - src/racoon/isakmp_inf.c: upstream fix for unecrypted ISAKMP packets.
    - src/racoon/grabmyaddr.c: Define IFA_RTA and #include <linux/if_addr.h>.

Superseded in hardy-release on 2007-12-03
Obsolete in gutsy-release on 2011-09-16
ipsec-tools (1:0.6.6-3.1ubuntu3) gutsy; urgency=low

  * fix racoon.init to work with bash_completion (LP: #88153)

 -- Patrick Hetu <email address hidden>   Tue, 10 Jul 2007 10:59:25 -0400
Superseded in gutsy-release on 2007-07-19
ipsec-tools (1:0.6.6-3.1ubuntu2) gutsy; urgency=low

  * Fix compilation errors with GCC-4.2.

 -- Matthias Klose <email address hidden>   Tue, 29 May 2007 09:05:02 +0200
Superseded in gutsy-release on 2007-05-29
ipsec-tools (1:0.6.6-3.1ubuntu1) gutsy; urgency=low

  * Merge from debian unstable, remaining changes:
    - src/racoon/isakmp_inf.c: upstream fix for unecrypted ISAKMP packets.
    - src/racoon/grabmyaddr.c: Define IFA_RTA and #include <linux/if_addr.h>.
    - debian/control: Set Ubuntu maintainer address.
    - LSB init script.
    - debian/racoon.init: Create /var/run/racoon.

Superseded in gutsy-release on 2007-05-08
Obsolete in feisty-release on 2009-08-20
ipsec-tools (1:0.6.6-3ubuntu3) feisty; urgency=low

  * SECURITY UPDATE: remote ipsec tunnel disruption.
  * src/racoon/isakmp_inf.c: upstream fix for unecrypted ISAKMP packets
    causing tunnels to be disconnected.
  * References
    CVE-2007-1841

 -- Kees Cook <email address hidden>   Wed,  4 Apr 2007 13:46:40 -0700
Obsolete in edgy-updates on 2008-06-19
Obsolete in edgy-security on 2008-06-19
ipsec-tools (1:0.6.6-1ubuntu1.1) edgy-security; urgency=low

  * SECURITY UPDATE: remote ipsec tunnel disruption.
  * src/racoon/isakmp_inf.c: upstream fix for unecrypted ISAKMP packets
    causing tunnels to be disconnected.
  * debian/rules: disabled template rebuild for security update.
  * References
    CVE-2007-1841

 -- Kees Cook <email address hidden>   Wed,  4 Apr 2007 13:45:08 -0700
Superseded in dapper-updates on 2008-09-09
Superseded in dapper-security on 2008-09-09
ipsec-tools (1:0.6.5-4ubuntu1.1) dapper-security; urgency=low

  * SECURITY UPDATE: remote ipsec tunnel disruption.
  * src/racoon/isakmp_inf.c: upstream fix for unecrypted ISAKMP packets
    causing tunnels to be disconnected.
  * References
    CVE-2007-1841

 -- Kees Cook <email address hidden>   Wed,  4 Apr 2007 13:43:13 -0700
Obsolete in breezy-security on 2008-03-25
ipsec-tools (1:0.6-1ubuntu1.2) breezy-security; urgency=low

  * SECURITY UPDATE: remote ipsec tunnel disruption.
  * src/racoon/isakmp_inf.c: upstream fix for unecrypted ISAKMP packets
    causing tunnels to be disconnected.
  * References
    CVE-2007-1841

 -- Kees Cook <email address hidden>   Wed,  4 Apr 2007 13:40:41 -0700
Superseded in feisty-release on 2007-04-10
ipsec-tools (1:0.6.6-3ubuntu2) feisty; urgency=low

  * Rebuild for changes in the amd64 toolchain.
  * Set Ubuntu maintainer address.

 -- Matthias Klose <email address hidden>   Mon,  5 Mar 2007 01:19:03 +0000
Superseded in feisty-release on 2007-03-05
ipsec-tools (1:0.6.6-3ubuntu1) feisty; urgency=low

  * Merge from debian unstable.
    - LSB init script.
    - debian/racoon.init: Create /var/run/racoon.
  * src/racoon/grabmyaddr.c: Define IFA_RTA and #include <linux/if_addr.h>.

Superseded in feisty-release on 2006-11-05
Obsolete in edgy-release on 2008-06-19
ipsec-tools (1:0.6.6-1ubuntu1) edgy; urgency=low

  * Merge from Debian. Only changes left:
    - LSB init script.
    - debian/racoon.init: Create /var/run/racoon.

Superseded in edgy-release on 2006-06-30
Obsolete in dapper-release on 2011-09-06
ipsec-tools (1:0.6.5-4ubuntu1) dapper; urgency=low

  * Synchronize to Debian to bring in new upstream version.
    - UVF exception approved by Matt Zimmerman.
    - New version repairs racoon for road warrior setup (which broke in
      earlier Dapper versions, but worked fine in Breezy). Closes: LP#40386

Superseded in dapper-release on 2006-05-11
ipsec-tools (1:0.6.4-1ubuntu2) dapper; urgency=low

  * Create /var/run/racoon in the init script.

 -- Scott James Remnant <email address hidden>   Wed, 19 Apr 2006 14:26:13 +0100
Superseded in dapper-release on 2006-04-20
ipsec-tools (1:0.6.4-1ubuntu1) dapper; urgency=low

  * Resynchronise with Debian.

Superseded in dapper-release on 2006-02-07
ipsec-tools (1:0.6.2-2ubuntu2) dapper; urgency=low


  * Rebuild against openssl 0.9.8.

 -- Martin Pitt <email address hidden>  Mon, 30 Jan 2006 10:48:21 +0000
Superseded in dapper-release on 2006-02-04
Superseded in dapper-release on 2006-02-04
Superseded in dapper-release on 2006-02-03
ipsec-tools (1:0.6.2-2ubuntu1) dapper; urgency=low


  * Resynchronise with Debian.

 -- Tollef Fog Heen <email address hidden>  Fri, 11 Nov 2005 09:59:03 +0100
Superseded in breezy-security on 2007-04-09
Superseded in breezy-security on 2006-02-03
ipsec-tools (1:0.6-1ubuntu1.1) breezy-security; urgency=low


  * SECURITY UPDATE: Remote DoS.
  * src/racoon/isakmp_agg.c: Fix NULL pointer dereference when the IKE peer
    does not send expected payloads. Only applies to aggressive mode.
  * Patch backported from upstream CVS.
  * CVE-2005-3732

 -- Martin Pitt <email address hidden>  Thu,  1 Dec 2005 11:34:52 +0000
Obsolete in breezy-release on 2008-03-25
ipsec-tools (1:0.6-1ubuntu1) breezy; urgency=low


  * LSB init scripts.

 -- LaMont Jones <email address hidden>  Wed, 28 Sep 2005 18:33:52 -0600
Obsolete in hoary-security on 2008-03-19
ipsec-tools (1:0.5-5ubuntu0.1) hoary-security; urgency=low


  * SECURITY UPDATE: Remote DoS.
  * src/racoon/isakmp_agg.c: Fix NULL pointer dereference when the IKE peer
    does not send expected payloads. Only applies to aggressive mode.
  * Patch backported from upstream CVS.
  * CVE-2005-3732

 -- Martin Pitt <email address hidden>  Thu,  1 Dec 2005 11:48:24 +0000
Obsolete in hoary-release on 2008-03-19
ipsec-tools (1:0.5-5) unstable; urgency=high


  * Fix ISAKMP Header Parsing DoS bug (closes: #299716). 
  * Quote URL in README.Debian to avoid confusion (closes: #297179).

 -- Ganesan Rajagopal <email address hidden>  Wed, 16 Mar 2005 09:31:30 +0530
Obsolete in warty-security on 2008-01-09
ipsec-tools (0.3.3-1ubuntu0.2) warty-security; urgency=low


  * SECURITY UPDATE: Remote DoS.
  * src/racoon/isakmp_agg.c: Fix NULL pointer dereference when the IKE peer
    does not send expected payloads. Only applies to aggressive mode.
  * Patch backported from upstream CVS.
  * CVE-2005-3732

 -- Martin Pitt <email address hidden>  Thu,  1 Dec 2005 11:51:21 +0000
Obsolete in warty-release on 2008-01-09
ipsec-tools (0.3.3-1) unstable; urgency=high


  * Security upload.  Updated to vesion 0.3.3 which fixes a "authentication
    bug in KAME's racoon" in eay_check_x509cert() (Bugtraq
    http://seclists.org/lists/bugtraq/2004/Jun/0219.html) (closes: #254663).
  * Fix for "racooninit" in racoon-tool.conf.  Applied patch submitted by
    Teddy Hogeborn <email address hidden>. (closes: #249222)
  * Stopped patching racoon.conf.5 manpage as the "Japlish" fix is now in the
    source tree.

 -- Matthew Grant <email address hidden>  Thu, 17 Jun 2004 09:05:50 +1200
167 of 67 results