From 6585e5ad764ee2414d9b01f30784b6549bc8f58e Mon Sep 17 00:00:00 2001 From: Othmar Gsenger Date: Mon, 30 Jul 2007 19:37:53 +0000 Subject: added keyexchange --- keyexchange/isakmpd-20041012/debian/changelog | 153 ++++++++++++++++++++++++++ 1 file changed, 153 insertions(+) create mode 100644 keyexchange/isakmpd-20041012/debian/changelog (limited to 'keyexchange/isakmpd-20041012/debian/changelog') diff --git a/keyexchange/isakmpd-20041012/debian/changelog b/keyexchange/isakmpd-20041012/debian/changelog new file mode 100644 index 0000000..1883efc --- /dev/null +++ b/keyexchange/isakmpd-20041012/debian/changelog @@ -0,0 +1,153 @@ +isakmpd (20041012-4) unstable; urgency=high + + * Fix replay protection (CVE-2006-4436) + Thanks to Stefan Fritsch (Closes: #385894) + + -- Jochen Friedrich Mon, 4 Sep 2006 18:41:00 +0200 + +isakmpd (20041012-3) unstable; urgency=low + + * Fix NAT-T RFC support. + * Remove superfluos header from packet dump so tcpdump and ethereal + can read the dump. + + -- Jochen Friedrich Mon, 28 Aug 2006 17:14:47 +0200 + +sakmpd (20041012-2) unstable; urgency=low + + * New maintainer (Closes: #358800) + * Replace SADB_X_SPDADD by SADB_X_SPDUPDATE (Closes: #346214) + * Fix NAT-T (Closes: #324753) + * Fix openssl incompatibility with version 0.9.8b (Closes: #334624) + * Fix dependencies (Closes: #320393, #325849) + * gcc compiler fixes (Closes: #318241) + * Update standards version to 3.7.2 + + -- Jochen Friedrich Tue, 21 Feb 2006 14:26:40 +0100 + +isakmpd (20041012-1) unstable; urgency=high + + * new upstream cvs merge. + * add setsockopt to properly configure udp encap socket. + * add proper source port in nat-t sadb set (thanks to Thomas Walpuski). + * DPD now works (closes: #258479). + * NAT-T now works (closes: #269851). + * remove double dependency on libkeynote0 (closes: #272377). + + -- Jean-Francois Dive Tue, 7 Sep 2004 11:28:18 +0200 + +isakmpd (20040628-1) unstable; urgency=high + + * New upstream cvs merge. + * Enabled DPD. + * Enabled NAT-T + added support for linux nat-t pfkey msgs. + * Fix payload handling denial-of-service vuln (closes: #239739); + * Add spd cleartext entry (thanks to Vincent Bernat). (closes: #243990). + * Add dependency on linux-kernel-headers (closes: #238793). + * Add man page for isakmpd.policy. + * No issue with Renegotiate-on-HUP (closes: #255507). + * x509v3.cnf provided (closes: #238542). + * Added certpatch utility (closes: #231743). + * Fixed pcap support (closes: #238543). + + -- Jean-Francois Dive Mon, 5 Jul 2004 23:32:47 +0200 + +isakmpd (20040204-1) unstable; urgency=low + + * Provide ike-server (closes: #223784). + * Fixes for big indian systems (thanks to Sebastian Klemke). + (closes: #223845). + * Fix for certificates file access on non ext2 enabled kernel + systems, thanks to jochen. (closes: #225474). + * Update kernel version informations. (closes: #229795). + * New upstream cvs merge. + * Added missing man page isakmpd.policy(5) (thanks to Toni Mueller). + (closes: #231123). + + -- Jean-Francois Dive Sun, 8 Feb 2004 20:55:34 +0100 + +isakmpd (20031107-2) unstable; urgency=high + + * SECURITY fix for INITIAL_CONTACT handeling. (previous + release actually did fixed INVALID_SPI informational exchange + security issue). The problem is the exact same nature for both + type of informational messages: because the end result is SA + deletation, the HASH payload should be in the message and checked. + + -- Jean-Francois Dive Thu, 13 Nov 2003 14:54:01 +0100 + +isakmpd (20031107-1) unstable; urgency=high + + * new upstream cvs merge. + * SECURITY fix for HASH payload handeling (closes: #219864). + * SECURITY fix handeling of quick mode exchange encryption (it now + does require quick mode to be encrypted both Rx/Tx). + * SECURITY fix for INITIAL_CONTACT handeling (did not check for + mandatory HASH payload). + * Updated linux kernel header for interop with debian x86 kernels. + * Fix issues with policy handeling in keynote. + + -- Jean-Francois Dive Thu, 13 Nov 2003 11:05:09 +0100 + +isakmpd (20030907-1) unstable; urgency=high + + * new upstream cvs merge. + * Fixed kernel interface due to ABI changes in linux IPSec. + * Fixed keynote issue. + + -- Jean-Francois Dive Wed, 10 Sep 2003 22:47:17 +0200 + +isakmpd (20030718-1) unstable; urgency=high + + * New upstream version. + * Merged new upstream linux native build support. + * Added fine grained selector support to upstream linux native sysdep. + * Removed useless libc and kernel headers. + * Removed libdes. + * Added generated upstream changelog (generated by cvs2cl.pl). + + -- Jean-Francois Dive Tue, 22 Jul 2003 12:15:30 +0200 + +isakmpd (20030119-2) unstable; urgency=low + + * Fixed init script (closes: #188086). + * Added support for Protocol and Port text definition in ID handeling. + (expl: Protocol = icmp instead of Protocol = 1). + + -- Jean-Francois Dive Mon, 9 Jun 2003 14:11:02 +0200 + +isakmpd (20030119-1) unstable; urgency=low + + * Changed version number to a sane format. + + -- Jean-Francois Dive Thu, 20 Mar 2003 18:46:56 +0100 + +isakmpd (19012003-4) unstable; urgency=low + + * Fixed source tree clean issues (libdes, libsysdep) (closes: #184295). + * Added diff to package upload. + + -- Jean-Francois Dive Tue, 18 Mar 2003 17:30:57 +0100 + +isakmpd (19012003-3) unstable; urgency=low + + * switched libdes copyright from copyright.libdes to + copyright file. + + -- Jean-Francois Dive Thu, 20 Feb 2003 13:10:54 +1100 + +isakmpd (19012003-2) unstable; urgency=low + + * Added reference to BSD license and libdes license. + * Renmoved double dependency on libssl. + * Removed /usr/doc link. + * Added lintian overrides. + + -- Jean-Francois Dive Sun, 26 Jan 2003 00:36:40 +1100 + +isakmpd (19012003-1) unstable; urgency=low + + * Inital debianization (Closes: #163904). + + -- Jean-Francois Dive Sun, 26 Jan 2003 00:36:40 +1100 + -- cgit v1.2.3