[ubuntu/bionic-proposed] strongswan 5.6.2-1ubuntu1 (Accepted)

Christian Ehrhardt christian.ehrhardt at canonical.com
Mon Mar 19 14:21:25 UTC 2018 

strongswan (5.6.2-1ubuntu1) bionic; urgency=medium

  * Merge with Debian unstable (LP: #1753018). Remaining changes:
    + Clean up d/strongswan-starter.postinst: section about runlevel changes
    + Clean up d/strongswan-starter.postinst: Removed entire section on
      opportunistic encryption disabling - this was never in strongSwan and
      won't be see upstream issue #2160.
    + Ubuntu is not using the debconf triggered private key generation
      - d/rules: Removed patching ipsec.conf on build (not using the
        debconf-managed config.)
      - d/ipsec.secrets.proto: Removed ipsec.secrets.inc reference (was
        used for debconf-managed include of private key).
    + Mass enablement of extra plugins and features to allow a user to use
      strongswan for a variety of extra use cases without having to rebuild.
      - d/control: Add required additional build-deps
      - d/control: Mention addtionally enabled plugins
      - d/rules: Enable features at configure stage
      - d/libbstrongswan-extra-plugins.install: Add plugins (so, lib, conf)
      - d/libstrongswan.install: Add plugins (so, conf)
    + d/strongswan-starter.install: Install pool feature, which is useful since
      we have attr-sql plugin enabled as well using it.
    + Add plugin kernel-libipsec to allow the use of strongswan in containers
      via this userspace implementation (please do note that this is still
      considered experimental by upstream).
      - d/libcharon-extra-plugins.install: Add kernel-libipsec components
      - d/control: List kernel-libipsec plugin at extra plugins description
      - d/p/dont-load-kernel-libipsec-plugin-by-default.patch: As
        upstream recommends to not load kernel-libipsec by default.
    + Relocate tnc plugin
     - debian/libcharon-extra-plugins.install: Drop tnc from extra plugins
     - Add new subpackage for TNC in d/strongswan-tnc-* and d/control
    + d/libstrongswan.install: Reorder conf and .so alphabetically
    + d/libstrongswan.install: Add kernel-netlink configuration files
    + Complete the disabling of libfast; This was partially accepted in Debian,
        it is no more packaging medcli and medsrv, but still builds and
        mentions it.
      - d/rules: Add --disable-fast to avoid build time and dependencies
      - d/control: Remove medcli, medsrv from package description
    + d/control: Mention mgf1 plugin which is in libstrongswan now
    + Add now built (since 5.5.1) libraries libtpmtss and nttfft to
      libstrongswan-extra-plugins (no deps from default plugins).
    + Add rm_conffile for /etc/init.d/ipsec (transition from precies had
      missed that, droppable after 18.04)
    + d/control, d/libcharon-{extras,standard}-plugins.install: Move charon
      plugins for the most common use cases from extra-plugins into a new
      standard-plugins package. This will allow those use cases without pulling
      in too much more plugins (a bit like the tnc package). Recommend that
      package from strongswan-libcharon.
    + d/control: bump breaks/replaces from libstrongswan-extra-plugins to
      libstrongswan as we dropped relocating ccm and test-vectors.
      (droppable >18.04).
    + d/control: add breaks/replace from libstrongswan to
      libstrongswan-extra-plugins for the move of mgf1 to libstrongswan.
      (droppable >18.04).
  * Added Changes:
    + d/control: bump breaks/replaces from strongswan-libcharon to strongswan-
      starter as we followed Debian to move the updown plugin but need to
      match Ubuntu versions (Droppable >18.04).

Date: Fri, 16 Mar 2018 11:08:47 +0100
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/strongswan/5.6.2-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 16 Mar 2018 11:08:47 +0100
Source: strongswan
Binary: strongswan libstrongswan libstrongswan-standard-plugins libstrongswan-extra-plugins libcharon-standard-plugins libcharon-extra-plugins strongswan-starter strongswan-libcharon strongswan-charon strongswan-nm strongswan-tnc-ifmap strongswan-tnc-base strongswan-tnc-client strongswan-tnc-server strongswan-tnc-pdp charon-cmd strongswan-pki strongswan-scepclient strongswan-swanctl charon-systemd
Architecture: source
Version: 5.6.2-1ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Christian Ehrhardt <christian.ehrhardt at canonical.com>
Description:
 charon-cmd - standalone IPsec client
 charon-systemd - strongSwan IPsec client, systemd support
 libcharon-extra-plugins - strongSwan charon library (extra plugins)
 libcharon-standard-plugins - strongSwan charon library (standard plugins)
 libstrongswan - strongSwan utility and crypto library
 libstrongswan-extra-plugins - strongSwan utility and crypto library (extra plugins)
 libstrongswan-standard-plugins - strongSwan utility and crypto library (standard plugins)
 strongswan - IPsec VPN solution metapackage
 strongswan-charon - strongSwan Internet Key Exchange daemon
 strongswan-libcharon - strongSwan charon library
 strongswan-nm - strongSwan plugin to interact with NetworkManager
 strongswan-pki - strongSwan IPsec client, pki command
 strongswan-scepclient - strongSwan IPsec client, SCEP client
 strongswan-starter - strongSwan daemon starter and configuration file parser
 strongswan-swanctl - strongSwan IPsec client, swanctl command
 strongswan-tnc-base - strongSwan Trusted Network Connect's (TNC) - base files
 strongswan-tnc-client - strongSwan Trusted Network Connect's (TNC) - client files
 strongswan-tnc-ifmap - strongSwan plugin for Trusted Network Connect's (TNC) IF-MAP clie
 strongswan-tnc-pdp - strongSwan plugin for Trusted Network Connect's (TNC) PDP
 strongswan-tnc-server - strongSwan Trusted Network Connect's (TNC) - server files
Launchpad-Bugs-Fixed: 1753018
Changes:
 strongswan (5.6.2-1ubuntu1) bionic; urgency=medium
 .
   * Merge with Debian unstable (LP: #1753018). Remaining changes:
     + Clean up d/strongswan-starter.postinst: section about runlevel changes
     + Clean up d/strongswan-starter.postinst: Removed entire section on
       opportunistic encryption disabling - this was never in strongSwan and
       won't be see upstream issue #2160.
     + Ubuntu is not using the debconf triggered private key generation
       - d/rules: Removed patching ipsec.conf on build (not using the
         debconf-managed config.)
       - d/ipsec.secrets.proto: Removed ipsec.secrets.inc reference (was
         used for debconf-managed include of private key).
     + Mass enablement of extra plugins and features to allow a user to use
       strongswan for a variety of extra use cases without having to rebuild.
       - d/control: Add required additional build-deps
       - d/control: Mention addtionally enabled plugins
       - d/rules: Enable features at configure stage
       - d/libbstrongswan-extra-plugins.install: Add plugins (so, lib, conf)
       - d/libstrongswan.install: Add plugins (so, conf)
     + d/strongswan-starter.install: Install pool feature, which is useful since
       we have attr-sql plugin enabled as well using it.
     + Add plugin kernel-libipsec to allow the use of strongswan in containers
       via this userspace implementation (please do note that this is still
       considered experimental by upstream).
       - d/libcharon-extra-plugins.install: Add kernel-libipsec components
       - d/control: List kernel-libipsec plugin at extra plugins description
       - d/p/dont-load-kernel-libipsec-plugin-by-default.patch: As
         upstream recommends to not load kernel-libipsec by default.
     + Relocate tnc plugin
      - debian/libcharon-extra-plugins.install: Drop tnc from extra plugins
      - Add new subpackage for TNC in d/strongswan-tnc-* and d/control
     + d/libstrongswan.install: Reorder conf and .so alphabetically
     + d/libstrongswan.install: Add kernel-netlink configuration files
     + Complete the disabling of libfast; This was partially accepted in Debian,
         it is no more packaging medcli and medsrv, but still builds and
         mentions it.
       - d/rules: Add --disable-fast to avoid build time and dependencies
       - d/control: Remove medcli, medsrv from package description
     + d/control: Mention mgf1 plugin which is in libstrongswan now
     + Add now built (since 5.5.1) libraries libtpmtss and nttfft to
       libstrongswan-extra-plugins (no deps from default plugins).
     + Add rm_conffile for /etc/init.d/ipsec (transition from precies had
       missed that, droppable after 18.04)
     + d/control, d/libcharon-{extras,standard}-plugins.install: Move charon
       plugins for the most common use cases from extra-plugins into a new
       standard-plugins package. This will allow those use cases without pulling
       in too much more plugins (a bit like the tnc package). Recommend that
       package from strongswan-libcharon.
     + d/control: bump breaks/replaces from libstrongswan-extra-plugins to
       libstrongswan as we dropped relocating ccm and test-vectors.
       (droppable >18.04).
     + d/control: add breaks/replace from libstrongswan to
       libstrongswan-extra-plugins for the move of mgf1 to libstrongswan.
       (droppable >18.04).
   * Added Changes:
     + d/control: bump breaks/replaces from strongswan-libcharon to strongswan-
       starter as we followed Debian to move the updown plugin but need to
       match Ubuntu versions (Droppable >18.04).
Checksums-Sha1:
 058c25cf8467a51ae86d6f86de8af443d183a958 3962 strongswan_5.6.2-1ubuntu1.dsc
 34f8888acc4019e15e43a53f0f4356664ded8b66 4977859 strongswan_5.6.2.orig.tar.bz2
 4b6a82c2a0078a5ced042671a83f448b3fd9541a 135884 strongswan_5.6.2-1ubuntu1.debian.tar.xz
Checksums-Sha256:
 f30317f08680ff0f041cea155245c42ce25e9ce37601e29d646488908326e32a 3962 strongswan_5.6.2-1ubuntu1.dsc
 e0a60a30ebf3c534c223559e1686497a21ded709a5d605c5123c2f52bcc22e92 4977859 strongswan_5.6.2.orig.tar.bz2
 485ae5651c7d8861bd5dc6d52eb14de6542db1091446e5c3061baf663978f207 135884 strongswan_5.6.2-1ubuntu1.debian.tar.xz
Files:
 050c27bf6c444bd83b65017acdc942da 3962 net optional strongswan_5.6.2-1ubuntu1.dsc
 46aa3aa18fbc4bd528f9a0345ce79913 4977859 net optional strongswan_5.6.2.orig.tar.bz2
 38185a46563c23fdf440e70ab4fa4229 135884 net optional strongswan_5.6.2-1ubuntu1.debian.tar.xz
Original-Maintainer: strongSwan Maintainers <pkg-swan-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJar8cKAAoJELo+KTOCgLJC4awP+wZzfNmBnd+lQ4UNR1IOP5YF
xyri6ciwhKvMFwFueBsI72VPT1QjWJPoWCMlX/5C6UBm4LxT4I7B0USCA6QoLbMm
ofZwzGvof6Pmmf5lW7DDht1KcbfxOnSTsRvpc7h0CwCnzk8Vp/DUtM+xz4x2n3Q+
A1mtowPsXIqX3dsRknGu7Roa88bavBUyQMImxMWoZg3Z9BT2H/b1gBQAqPTPEuHr
fDzTXhppYoBm2OSoKSA21nQ/o+M4JgADOU+DWK69JC19rZ8K+IVJ65GT0sat8ArH
XEDiwVxR9YqXWA56U5fB8NDqksMa3a82r2Y+KwjMOx/ey9tXlgsVHlKN9tUSn6t4
Da/k85SYozl0FbK37uyDiPb6hCxSXl9bvyED7t4Q/RmE4NVsXav/unIZ5YpWVSZ+
EiSgo6isjW3e3pKWm7YA87kClHyqBw13IukF/Zq+MWCj2ImzH4wZylYTNyjiNs51
PnHvBF/tCadGWSPsLe6hAEpwKW7g/Bb171GeYe5EvghYjUmHsDsUk0KZrWBT23y1
XwgQaAARt8+Z/Sdz9taAFftJvXNXTShGqhBQUYVPIBOy1l1z+WfaKUzVMfGpraub
I+3WlgmE7KkL6iiOe3H33yq1FGOLyXvs8bGp0cPAXBEcQ6CznKVjOmyuM3wMwWGK
gsR22P3KlZOqt2ZjHQZV
=wwte
-----END PGP SIGNATURE-----

More information about the Bionic-changes mailing list