summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog498
1 files changed, 498 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 000000000..8b7e14fda
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,498 @@
+openswan (1:2.4.5-3) unstable; urgency=low
+
+ * Renamed kernel-patch-openswan to linux-patch-openswan.
+ * Removed the remarks in the package descriptions that linux-patch-openswan
+ and openswan-modules-source will only work with 2.4 series kernels. This
+ is no longer true.
+ * Use updated French translation. Thanks to Christian Perrier and sorry for
+ not giving time to update the translations before the last upload. I felt
+ that the FTBFS should be corrected quickly.
+ Closes: #364399: openswan: [INTL:fr] French debconf templates translation
+
+ -- Rene Mayrhofer <rmayr@debian.org> Sun, 23 Apr 2006 21:47:53 +0100
+
+openswan (1:2.4.5-2) unstable; urgency=low
+
+ * The NMU patch doesn't seem to have applied to debian/control,
+ because the dependency was still on libopensc1-dev. Fixed that now
+ by adding libopensc2-dev.
+ Closes: #363073: openswan_1:2.4.5-1: FTBFS: Build depends on
+ libopensc1-dev
+ * Added the patch to fix alignment issues on Sparc, as upstream acknowledged
+ it and applied it to their development tree.
+ Closes: #341630: openswan: Pluto crypto helper gets SIGBUS on SPARC due
+ to request memory alignment issue
+
+ -- Rene Mayrhofer <rmayr@debian.org> Mon, 17 Apr 2006 14:53:37 +0100
+
+openswan (1:2.4.5-1) unstable; urgency=low
+
+ * New upstream release. This release adds support for patching newer kernel
+ versions. Verified that the patched kernel tree compiles with Debian
+ kernel sources 2.6.15-8 and 2.6.16-6.
+ Closes: #361800: kernel-patch-openswan: Fails to patch Debian 2.6.15
+ kernel
+ It also adds the patches for an IPSec/L2TP server behind a NAT.
+ Closes: #307529: More patches for openswan server behind NAT
+ Closes: #353792: openswan nat-t failure
+ And additionally there are (according to upstream changelogs) fixes for
+ running on SMP systems. If the following bug still persists (can not test
+ myself), then please reopen.
+ Closes: #343603: kernel-patch-openswan: Starting IPSEC makes system freeze
+ The patch to fix the snmpd crash is also in this upstream version (just
+ checked linux/net/ipsec/ipsec_tunnel.c). It was probably in older versions
+ as well, so this might have been closed earlier. It's not mentioned in
+ upstream changelog, so I don't know exactly when it has been fixed.
+ Closes: #318298: kernel-patch-openswan: Kernel Oops - Null Dereference
+ when using snmpd
+ The ipsec.conf manual page has been updated to document connaddrfamily.
+ Closes: #296611: openswan: "man -S 5 ipsec.conf" fails to mention the
+ parameter "connaddrfamily"
+ * Acknowledge fixes in last NMU - thanks to Christian.
+ Closes: #352050: openswan: FTBFS: Package libopensc1-dev has no
+ installation candidate
+ Closes: #356716: openswan: Incomplete clean when building
+ Closes: #316693: openswan_1/2.2.0-10
+ Closes: #339390: openswan: [INTL:sv] Swedish debconf templates translation
+ * Enable building of XAUTH support.
+ * Import override files from /etc/default instead of /etc/sysconfig. This
+ uses dpatch, so now Build-Depend on it.
+ Closes: #354965: openswan: /usr/lib/ipsec/_updown uses /etc/sysconfig/,
+ please change to /etc/default/
+ * Only ask if an existing certificate/private key pair should be used when
+ the user chose not to create a new key pair. Also mention, when asking to
+ create a new key pair, that an existing one can be used alternatively.
+ Closes: #298250: confusing debconf question about certificate creation
+ * Move the USE_LDAP, USE_LIBCURL, and HAVE_THREADS options from the
+ "make install" to the "make programs" call where it belongs.
+ Closes: #292838: openswan: Dynamic CRL fetching not supported
+ * Remove /usr/share/doc/openswan/index.html, because it is a duplicate of
+ /usr/share/doc/openswan/doc/index.html, and only the latter one has links
+ to existing files.
+ Closes: #311613: openswan: html documentation links to the wrong place
+ Closes: #357719: broken links in file:///usr/share/doc/openswan/index.html
+ Closes: #357698: broken links in file:///usr/share/doc/openswan/index.html
+ * Add #ifdef to linux/net/ipsec/ipsec_init.c to branch between Debian and
+ vanilla 2.4 kernels. For Debian kernels with the XFRM (26sec) backport,
+ a second option is necessary for inet_(add|del)_protocol. This should
+ allow KLIPS to compile on both Debian and vanilla 2.4 kernels. Verified
+ that it compiles with Debian 2.4.27-12 and vanilla 2.4.32.
+ Closes: #340294: openswan-modules-source: fails to build with 2.4.27 on
+ sarge
+ Closes: #342844: kernel-patch-openswan: FTBS with kernel-source-2.4.27
+ 2.4.27-11
+ * Document in README.Debian that KLIPS for 2.4 kernels will not compile with
+ newer GCC versions and give a hint on how to use older versions with
+ make-kpkg.
+ * Kernel 2.6.8 is not properly supported and is horribly outdated by now.
+ If you really need to use 2.6.8, then please use the native 26sec IPSec
+ stack. For KLIPS support, use at least 2.6.12, or better 2.6.15.
+ Closes: #318136: kernel-patch-openswan: Problem applying
+ kernel-openswan-patch to kernel-source-2.6.8
+ * Compress the modules source tree with bzip2 instead of gzip and thus
+ reduce the size of the openswan-modules-source package.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Sat, 15 Apr 2006 21:36:36 +0100
+
+openswan (1:2.4.4-3.1) unstable; urgency=high
+
+ * Non-maintainer upload with maintainer's agreement
+ * Fix FTBFS by replacing the build dependency on libopensc1-dev to
+ libopensc2-dev. Closes: #352050
+ * Really clean when building
+ Closes: #356716
+ * Correct typos and English errors in templates
+ Unfuzzy translations
+ Closes: #316693
+ * Swedish debconf templates translation added
+ Closes: #339390
+
+ -- Christian Perrier <bubulle@debian.org> Thu, 16 Mar 2006 06:10:05 +0100
+
+openswan (1:2.4.4-3) unstable; urgency=low
+
+ * Corrected PATCHNAME in the kernel-patch-openswan unpatch script.
+ Closes: #344852: kernel-patch-openswan: PATCHNAME=openswan in apply script
+ but =freeswan in unpatch
+
+ -- Rene Mayrhofer <rmayr@debian.org> Tue, 27 Dec 2005 10:38:33 +0000
+
+openswan (1:2.4.4-2) unstable; urgency=low
+
+ * Build-depend on libkrb5-dev.
+ Closes: #344612: openswan: pluto has shared library dependency on
+ libkrb5support.so
+
+ -- Rene Mayrhofer <rmayr@debian.org> Mon, 26 Dec 2005 11:22:17 +0000
+
+openswan (1:2.4.4-1) unstable; urgency=high
+
+ Reasoning for urgency high: DoS security issues.
+ * New upstream version. This is supposed to fix the other part of the DoS
+ problem.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Fri, 18 Nov 2005 19:23:49 +0000
+
+openswan (1:2.4.3-1) unstable; urgency=high
+
+ Reasoning for urgency high: DoS security issues.
+ * New upstream version.
+ Closes: Bug#339082: kernel-patch-openswan: ISAKMP implementation
+ problems / DoS
+
+ -- Rene Mayrhofer <rmayr@debian.org> Tue, 15 Nov 2005 15:49:44 +0000
+
+openswan (1:2.4.0-3) unstable; urgency=low
+
+ * Doh. Forgot to merge the new debconf depends from my openswan 2.2.0
+ package branch. Now again change the debconf depends to debconf |
+ debconf-2.0.
+ Closes: #332055: openswan depends on debconf without | debconf-2.0
+ alternate; blocks cdebconf transition
+ * Also build-depend on the new libssl (>= 0.9.8-1) now to help the
+ transition. If you recompile this package for woody/sarge, you can safely
+ ignore this versioned build-dependency. No new API is needed this is just
+ for the ABI transition.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Mon, 10 Oct 2005 11:22:12 +0100
+
+openswan (1:2.4.0-2) unstable; urgency=low
+
+ * Module building has changed a bit for the new openswan upstream
+ releases (need additional files). Adapt the openswan-modules-source
+ package to that and also fix pfkey_v2.c to compile with kernel 2.4
+ (patches sent to upstream for future inclusion).
+ Closes: #291274: Fails to build with 2.4.29: missing Makefile
+ Closes: #273443: openswan-modules-source: doesn't build with 2.6.8 -
+ different from #273144 (?)
+ * Fix the postinst script (must have been a bash update that broke it).
+ Closes: #330864: openswan: postinst fails with "`make-x509-cert': not a
+ valid identifier"
+
+ -- Rene Mayrhofer <rmayr@debian.org> Fri, 30 Sep 2005 18:11:28 +0100
+
+openswan (1:2.4.0-1) unstable; urgency=low
+
+ * New upstream release. This finally allows the Debian packages to be
+ updated since the regression from 2.2.X to 2.3.X has been fixed (pluto
+ crash with roadwarriors). Please be aware that pluto daemons from 2.2 or
+ 2.3 openswan release will still crash, so please update all your
+ installations as soon as possible.
+ Closes: #292132: openswan: OpenSwan 2.2.0 crashes when a road-warrior
+ comes in using 2.3.0
+ This release also supports KLIPS with 2.6 kernels now.
+ Closes: #301801: kernel-patch-openswan: Fails to build with Debian
+ 2.6.10 source
+ #273443: openswan-modules-source: doesn't build with 2.6.8 -
+ different from #273144 (?)
+ #318136: kernel-patch-openswan: Problem applying
+ kernel-openswan-patch to kernel-source-2.6.8
+ * Fixed gcc 4 compile for fswcert (patch will be forwarded to upstream).
+ * Added Vietnamese debconf translation.
+ Closes: #316692: INTL:vi
+ * Introduced the epoch in this branch to allow automatic updates from the
+ previously downgraded 2.2 release.
+ * Edited the debian/copyright file to mention the shared GPL path and
+ removed old licenses (only refer to CREDITS now).
+
+ -- Rene Mayrhofer <rmayr@debian.org> Mon, 19 Sep 2005 13:40:30 +0100
+
+openswan (2.3.1-1) unstable; urgency=high
+
+ Urgency HIGH because openswan is an important package for testing (at least
+ in my opinion...).
+ * New upstream version. This update should fix the various crashes
+ that openswan 2.3.0 pluto was causing on other openswan boxes
+ (occured in the wild with 2.2.0 and 2.3.0, but might also happen
+ with others) in some cases.
+ Closes: #292132: openswan: OpenSwan 2.2.0 crashes when a road-warrior
+ comes in using 2.3.0
+ * Adapt to the new way of building modules (which changed between upstream
+ version 2.2.0 and 2.3.0). openswan-modules-source should now build with
+ 2.4 and with 2.6 kernels (using make-kpkg).
+ Closes: #291274: Fails to build with 2.4.29: missing Makefile
+ Closes: #276521: openswan-modules-source: ipsec_aes.o & ipsec_cryptoapi.o
+ not kernel modules
+ * Also enable building of 2.6 kernel modules in openswan-modules-source.
+ Closes: #273443: openswan-modules-source: doesn't build with 2.6.8 -
+ different from #273144 (?)
+ * kernel-patch-openswan also needed some changes due to the new tree
+ layout (specifically the new Makefile.top). Now kernel-patch-openswan
+ has been enabled to work with kernel 2.6, so you can now get ipsecX
+ interfaces with kernel 2.6 (tested with vanilla 2.6.10)!
+ Closes: #301801 kernel-patch-openswan: Fails to build with Debian 2.6.10
+ source
+ * There was no reply by the original bug submitter, so this really seemed
+ to be a toolchain problem. I can't reproduce this bug.
+ Closes: #283387: openswan: Fails to build on testing (Sarge)
+ * The build-dependency has already been updated from libcurl2-dev to
+ libcurl3-dev in package 2.3.0-1. Now updated it to
+ libcurl3-dev | libcurl2-dev so that backporting to woody is easier.
+ Closes: #298468 openswan fails to build on sarge due to missing
+ libcurl2-dev dependancy
+ * The same goes for libopensc*-dev.
+ * Fixed typos in the logcheck ignore files.
+ Closes: #298693: openswan: logcheck files - typo
+ * Updated debconf translations.
+ Closes: #290847: openswan: [INTL:fr] French debconf templates translation
+ Closes: #292077: [INTL:pt_BR] Please apply the attached patch in order to
+ update openswan's pt_BR debconf translation
+ Closes: #294202: [l10n] Czech po-debconf template translation (cs.po)
+ * Removed the source code for the fswcert utility from the debian/ dir in
+ the source package - it is now included in the upstream source under
+ programs/.
+ * Removed the conflicts with ike-server (still providing it though).
+ Closes: #297186: openswan: Remove conflict on ike-server
+ * Don't conflict with freeswan generally, but only with versions < 2.04-12.
+ (This is in preparation of the freeswan transition package that I am
+ working on.)
+ * Explicitly remove the execute permissions from /etc/ipsec.d/policies/*.
+ Closes: #298245: wrong permissions in /etc
+ * No longer need gawk for openswan scripts to work. This allows to finally
+ removed the awk-to-gawk hack in debian/rules and means that openswan no
+ longer depends on gawk.
+ * Enable the building of pluto code for dynamic URL fetching (which needs
+ libldap2-dev and libcurl3-dev) and the XAUTH PAM support. Therefore, we
+ now build-depend on libpam0g-dev.
+ Closes: #292838: openswan: Dynamic CRL fetching not supported
+
+ -- Rene Mayrhofer <rmayr@debian.org> Sat, 9 Apr 2005 17:56:16 +0200
+
+openswan (2.3.0-2) unstable; urgency=HIGH
+
+ Urgency HIGH due to security issue and problems with build-deps in sarge.
+ * Fix the security issue. Please see
+ http://www.idefense.com/application/poi/display?id=190&
+ type=vulnerabilities&flashstatus=false
+ or CAN-2005-0162 at
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0162
+ for more details. Thanks to Martin Schulze for informing me about this
+ issue.
+ Closes: #292458: Openswan XAUTH/PAM Buffer Overflow Vulnerability
+ * Added a Build-Dependency to lynx.
+ Closes: #291143: openswan: FTBFS: Missing build dependency.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Thu, 27 Jan 2005 16:10:11 +0100
+
+openswan (2.3.0-1) unstable; urgency=low
+
+ * New upstream release.
+ Important change: aes-sha1 is now the default proposal (but 3des-md5 is
+ still supported if the other side requests it). Please look at
+ /usr/share/doc/openswan/docs/RELEASE-NOTES for details.
+ * Includes KLIPS support for kernel 2.6 for the first time, but I have not
+ yet modified openswan-modules-source to cope with that. If somebody wants
+ to lend me a hand to address #273443, it would be more than welcome.
+ * This release includes a fix for the reported snmpd crash
+ (in ipsec_tunnel.c). Many thanks to Nate Carlson for pointing this out.
+ Closes: #261892: openswan: System crashes when snmpd runs at the same time
+ * Update Build-Depends from libopensc0-dev to libopensc1-dev.
+ Closes: #289600: openswan: can't fulfill the build dependencies
+ * Update Build-Depends from libcurl2-dev to libcurl3-dev.
+ * Include Japanese debconf translation and fix a typo in the master.
+ Closes: #288996: openswan: Japanese po-debconf template translation
+ (ja.po) and typo in template.pot
+ * Auto-apply the NAT Traversal patch with kernel-patch-openswan again. This
+ was changed by openswan (the freeswan version included the NAT-T patch
+ automatically). Thus, the patch is now applied before inserting the KLIPS
+ part.
+ * Include a ready-to-use NAT-T diff in the openswan-modules-source package
+ so that anybody who uses this package still has the option of using NAT
+ Traversal (though this means patching the kernel anyway, and kind of
+ makes the out-of-tree compilation senseless). However, Debian 2.4 series
+ kernels should already have NAT-T applied.
+ * Document the above two changes in the package descriptions and
+ README.Debian.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Thu, 13 Jan 2005 09:30:45 +0100
+
+openswan (2.2.0-5) unstable; urgency=low
+
+ * Added more explanations to README.Debian on how to build the kernel
+ modules with either openswan-modules-source or kernel-patch-openswan.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Sat, 16 Oct 2004 13:11:48 +0200
+
+openswan (2.2.0-4) unstable; urgency=medium
+
+ Urgency medium to get this version into sarge - it fixes a bug that turned
+ up on some machines and prevented openswan from starting.
+ * no_oe.conf will work when there are spaces at the end, many thanks to
+ Hans Fugal for figuring that out!
+ Closes: #270012: openswan: Fails to start after Installation
+ (/etc/ipsec.d/examples/no_oe.conf problem?)
+ I am now sending this towards upstream so that it should hopefully get
+ fixed for the next release - it's a bit awkward for a config file.
+ * Fixed a minor aesthetical issue in openswan.postinst: when a plain RSA key
+ is already present in ipsec.secrets and a new one is being created, a
+ needless line was printed. Silenced by adding -q to egrep.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Sun, 3 Oct 2004 20:57:22 +0200
+
+openswan (2.2.0-3) unstable; urgency=low
+
+ * Also added flex to Build-Depends, the new starter (replacement for
+ the init scripts, but not yet active) needs it to build.
+ Closes: #272935: openswan_2.2.0-1(ia64/unstable): FTBFS: missing
+ build-depends
+ Closes: #273241: openswan: FTBFS: Missing Build-Depends on 'flex'
+ * Adapted the rules file of openswan-modules-source to cope with the new
+ upstream source code - need to generate a C file from a template before
+ the ipsec module can be built.
+ Closes: #273144: openswan-modules-source: linux/net/ipsec/version.c
+ neither created nor compiled
+ * Enabled the building of modular extensions (AES and cryptoapi) by default
+ for openswan-modules-source. Also enabled the AES cipher in addition to
+ 3DES (this is directly in the ipsec.o kernel module, the modular
+ extensions version is an alternative to this).
+
+ -- Rene Mayrhofer <rmayr@debian.org> Fri, 24 Sep 2004 12:38:47 +0200
+
+openswan (2.2.0-2) unstable; urgency=low
+
+ * Added bison to Build-Depends.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Thu, 23 Sep 2004 15:18:51 +0200
+
+openswan (2.2.0-1) unstable; urgency=medium
+
+ * New upstream version:
+ - Introduces AES support, which is the reason for urgency medium. AES
+ should definitly go into sarge.
+ - Adds RFC 3706 DPD (dead peer detection) support, see
+ /usr/share/doc/openswan/docs/README.DPD for details.
+ This adds the last missing piece (AES) to replace the freeswan package
+ completely. As of now, freeswan is officially unsupported and will soon
+ be removed from Debian. Please upgrade to openswan, which should not cause
+ any issues. Configuration files and certificates are completely compatible.
+ Closes: #270012: openswan: Fails to start after Installation
+ (/etc/ipsec.d/examples/no_oe.conf problem?)
+ I can no longer reproduce this problem on a fresh install of
+ 2.2.0-1.
+ Closes: #260120: openswan: Patch fixing #256391 breaks the autogenerated
+ certificate
+ The new X.509 patch included in this upstream release (no longer
+ patched by the Debian package) should fix this too.
+ Closes: #246828: /etc/ipsec.conf refers to invalid URLs
+ The default ipsec.conf file distributed by upstream no longer
+ refers to an URL.
+ * Fixed a thinko in the postinst script that prevented the correct insertion
+ of plain RSA keys into /etc/ipsec.secrets (i.e. not using X.509
+ certificates). Fixed now.
+ Closes: #268742: openswan: Plain RSA key not successfully written to
+ ipsec.secrets
+ * Adapt to the new way of openswan handling the disabling of opportunistic
+ encryption. In the default ipsec.conf distributed with upstream openswan,
+ OE is now disabled (which changes the previous default). Adapted the
+ postinst script so that it can now enable and disable OE support based on
+ the debconf option.
+ Closes: #268743: openswan: fails to respect debconf OE setting
+ * Updated the French and Brazilian Portugese debconf translations.
+ Closes: #256457: openswan: [INTL:fr] French debconf templates translation
+ Closes: #264246: openswan: [INTL:pt_BR] Please use the attached Brazilian
+ Portuguese debconf template translation
+ * Patched debian/fswcert/fswcert.c to compile cleanly with gcc-3.4. Thanks
+ to Andreas Jochens for the patch!
+ Closes: #262663: openswan: FTBFS with gcc-3.4: label at end of compound
+ statement
+ * Documented how to build the KLIPS kernel part with either the
+ kernel-patch-openswan or the openswan-modules-source packages.
+ Closes: #246819: Needs documentation on how to build the kernel modules
+ * Bump Standards-Version to 3.6.1.0, no changes necessary.
+
+ -- Rene Mayrhofer <rmayr@debian.org> Tue, 21 Sep 2004 18:13:52 +0200
+
+openswan (2.1.5-1) unstable; urgency=medium
+
+ * New upstream release, which fixes another potential security issue.
+
+ -- Rene Mayrhofer <rene@mayrhofer.eu.org> Sun, 5 Sep 2004 18:00:40 +0200
+
+openswan (2.1.3-1) unstable; urgency=HIGH
+
+ Urgency high because of a possibly security issue.
+ * New upstream version. This includes the CRL fix form 2.1.1-5 and the
+ proper activation of NAT traversal in Makefile.inc.
+ Closes: #253457: Openswan: new upstream available that includes xauth
+ Closes: #253458: Openswan: new upstream available that includes xauth
+ Closes: #253461: Openswan: new upstream available
+ Closes: #253782: openswan: Should automatically load kernel module
+ xfrm_user
+ But I have currently not explicitly enabled xaut support in Makefile.inc,
+ quoting from there: "off by default, since XAUTH is tricky, and you can
+ get into security trouble". If it needs to be enabled to work, please tell
+ me and I will need to take a far closer look on it (and the involved
+ problems).
+ This new upstream version also fixes a possible security issue in the
+ X.509 certificate authentication.
+ * The last upload didn't seem to have hit the archives, strange...
+ However, the bugs are still fixed, closing them now.
+ Closes: #245450: openswan should not depend on
+ kernel-image-2.4 || kernel-image-2.6
+ Closes: #246847: openswan: shouldn't conflict with ike-server
+ Closes: #246373: openswan: [INTL:fr] French debconf templates translation
+
+ -- Rene Mayrhofer <rene@mayrhofer.eu.org> Thu, 17 June 2004 12:22:45 +0200
+
+openswan (2.1.1-5) unstable; urgency=low
+
+ * Applied a patch from openswan CVS to fix CRL related crashes.
+ * Drop the dependency on kernels it works with - the package description
+ already says that it will need kernel support to work. This allows people
+ to easily use self-compiled kernels with the right support (e.g. 2.6.5).
+ Closes: #245450: openswan should not depend on
+ kernel-image-2.4 || kernel-image-2.6
+ * While I'm at it, also replace the various Suggests: *freeswan* with
+ openswan. Oops.
+ * openswan conflicts with ike-server because only one ike-server can be
+ active at any given time (it will listen on UDP port 500). This policy
+ has been agreed to by all Debian IPSec package maintainers and implemented
+ in all ike-server providing packages.
+ Closes: #246847: openswan: shouldn't conflict with ike-server
+ * Took the debconf translations from the freeswan package and "ported" them
+ via debconf-updatepo. Thanks to Christian Perrier for mentioning that it
+ was this easy.
+ The templates should now be correct (all instances of FreeS/wan replaced
+ by Openswan).
+ Closes: #246373: openswan: [INTL:fr] French debconf templates translation
+
+ -- Rene Mayrhofer <rene@mayrhofer.eu.org> Tue, 18 May 2004 19:46:24 +0200
+
+openswan (2.1.1-4) unstable; urgency=low
+
+ * Fixed the kernel-patch-openswan apply script.
+ * Warning: Due to an upstream bug, pluto from this version will dump core
+ on certain CRLs. If you are hit by this bug, please report it directly to
+ upstream, they are still tracking the issue down.
+
+
+ -- Rene Mayrhofer <rene@mayrhofer.eu.org> Thu, 15 Apr 2004 09:50:32 +0200
+
+openswan (2.1.1-3) unstable; urgency=low
+
+ * Also build the openswan-modules-source and kernel-patch-openswan
+ packages now.
+ * Fixed _startklips in combination with the native IPSec stack - many thanks
+ to Nate Carlson for the patch.
+
+ -- Rene Mayrhofer <rene@mayrhofer.eu.org> Wed, 31 Mar 2004 19:33:49 +0200
+
+openswan (2.1.1-2) unstable; urgency=low
+
+ * Took the package as official maintainer.
+ * Updated all relevant packaging stuff to the level of freeswan 2.04-9,
+ including auto-generation of X.509 certificates and insertion in
+ ipsec.secrets. This also corrects the libexec path in some scripts.
+
+ -- Rene Mayrhofer <rene@mayrhofer.eu.org> Wed, 31 Mar 2004 11:23:46 +0200
+
+openswan (2.1.1-1) unstable; urgency=low
+
+ * Initial version - packaging based on Rene Mayrhofer's
+ FreeS/WAN packaging
+
+ -- Alexander List <alexlist@sbox.tu-graz.ac.at> Sun, 21 Mar 2004 21:47:53 +0100
+
+Local variables:
+mode: debian-changelog
+End: