2008
isakmpd (20041012-5) unstable; urgency=low
* Disable support for keynote as it seems to be broken. * Add dependency info to init.d script (Closes: #412893) Thanks to Petter Reinholdtsen <pere@hungry.com> for the patch. * Bumped standards version to 3.7.3 (No changes).
-- Jochen Friedrich <jochen@scram.de> Tue, 01 Apr 2008 17:30:53 +0200
2006
isakmpd (20041012-4) unstable; urgency=high
* Fix replay protection (CVE-2006-4436) Thanks to Stefan Fritsch <sf@fritsch.de> (Closes: #385894)
-- Jochen Friedrich <jochen@scram.de> Mon, 4 Sep 2006 18:41:00 +0200
isakmpd (20041012-3) unstable; urgency=low
* Fix NAT-T RFC support.
* Remove superfluos header from packet dump so tcpdump and ethereal
can read the dump.
-- Jochen Friedrich <jochen@scram.de> Mon, 28 Aug 2006 17:14:47 +0200
sakmpd (20041012-2) unstable; urgency=low
* New maintainer (Closes: #358800) * Replace SADB_X_SPDADD by SADB_X_SPDUPDATE (Closes: #346214) * Fix NAT-T (Closes: #324753) * Fix openssl incompatibility with version 0.9.8b (Closes: #334624) * Fix dependencies (Closes: #320393, #325849) * gcc compiler fixes (Closes: #318241) * Update standards version to 3.7.2
-- Jochen Friedrich <jochen@scram.de> Tue, 21 Feb 2006 14:26:40 +0100
2004
isakmpd (20041012-1) unstable; urgency=high
* new upstream cvs merge. * add setsockopt to properly configure udp encap socket. * add proper source port in nat-t sadb set (thanks to Thomas Walpuski). * DPD now works (closes: #258479). * NAT-T now works (closes: #269851). * remove double dependency on libkeynote0 (closes: #272377).
-- Jean-Francois Dive <jef@debian.org> Tue, 7 Sep 2004 11:28:18 +0200
isakmpd (20040628-1) unstable; urgency=high
* New upstream cvs merge. * Enabled DPD. * Enabled NAT-T + added support for linux nat-t pfkey msgs. * Fix payload handling denial-of-service vuln (closes: #239739); * Add spd cleartext entry (thanks to Vincent Bernat). (closes: #243990). * Add dependency on linux-kernel-headers (closes: #238793). * Add man page for isakmpd.policy. * No issue with Renegotiate-on-HUP (closes: #255507). * x509v3.cnf provided (closes: #238542). * Added certpatch utility (closes: #231743). * Fixed pcap support (closes: #238543).
-- Jean-Francois Dive <jef@debian.org> Mon, 5 Jul 2004 23:32:47 +0200
isakmpd (20040204-1) unstable; urgency=low
* Provide ike-server (closes: #223784). * Fixes for big indian systems (thanks to Sebastian Klemke). (closes: #223845). * Fix for certificates file access on non ext2 enabled kernel systems, thanks to jochen. (closes: #225474). * Update kernel version informations. (closes: #229795). * New upstream cvs merge. * Added missing man page isakmpd.policy(5) (thanks to Toni Mueller). (closes: #231123).
-- Jean-Francois Dive <jef@debian.org> Sun, 8 Feb 2004 20:55:34 +0100
2003
isakmpd (20031107-2) unstable; urgency=high
* SECURITY fix for INITIAL_CONTACT handeling. (previous
release actually did fixed INVALID_SPI informational exchange
security issue). The problem is the exact same nature for both
type of informational messages: because the end result is SA
deletation, the HASH payload should be in the message and checked.
-- Jean-Francois Dive <jef@debian.org> Thu, 13 Nov 2003 14:54:01 +0100
isakmpd (20031107-1) unstable; urgency=high
* new upstream cvs merge. * SECURITY fix for HASH payload handeling (closes: #219864). * SECURITY fix handeling of quick mode exchange encryption (it now does require quick mode to be encrypted both Rx/Tx). * SECURITY fix for INITIAL_CONTACT handeling (did not check for mandatory HASH payload). * Updated linux kernel header for interop with debian x86 kernels. * Fix issues with policy handeling in keynote.
-- Jean-Francois Dive <jef@debian.org> Thu, 13 Nov 2003 11:05:09 +0100
isakmpd (20030907-1) unstable; urgency=high
* new upstream cvs merge. * Fixed kernel interface due to ABI changes in linux IPSec. * Fixed keynote issue.
-- Jean-Francois Dive <jef@debian.org> Wed, 10 Sep 2003 22:47:17 +0200
isakmpd (20030718-1) unstable; urgency=high
* New upstream version. * Merged new upstream linux native build support. * Added fine grained selector support to upstream linux native sysdep. * Removed useless libc and kernel headers. * Removed libdes. * Added generated upstream changelog (generated by cvs2cl.pl).
-- Jean-Francois Dive <jef@debian.org> Tue, 22 Jul 2003 12:15:30 +0200
isakmpd (20030119-2) unstable; urgency=low
* Fixed init script (closes: #188086). * Added support for Protocol and Port text definition in ID handeling. (expl: Protocol = icmp instead of Protocol = 1).
-- Jean-Francois Dive <jef@debian.org> Mon, 9 Jun 2003 14:11:02 +0200
isakmpd (20030119-1) unstable; urgency=low
* Changed version number to a sane format.
-- Jean-Francois Dive <jef@debian.org> Thu, 20 Mar 2003 18:46:56 +0100
isakmpd (19012003-4) unstable; urgency=low
* Fixed source tree clean issues (libdes, libsysdep) (closes: #184295). * Added diff to package upload.
-- Jean-Francois Dive <jef@debian.org> Tue, 18 Mar 2003 17:30:57 +0100
isakmpd (19012003-3) unstable; urgency=low
* switched libdes copyright from copyright.libdes to
copyright file.
-- Jean-Francois Dive <jef@debian.org> Thu, 20 Feb 2003 13:10:54 +1100
isakmpd (19012003-2) unstable; urgency=low
* Added reference to BSD license and libdes license. * Renmoved double dependency on libssl. * Removed /usr/doc link. * Added lintian overrides.
-- Jean-Francois Dive <jef@debian.org> Sun, 26 Jan 2003 00:36:40 +1100
isakmpd (19012003-1) unstable; urgency=low
* Inital debianization (Closes: #163904).
-- Jean-Francois Dive <jef@debian.org> Sun, 26 Jan 2003 00:36:40 +1100