| Commit History - (may be incomplete: for full details, see links to repositories near top of page) |
| Commit | Credits | Log message |
|---|
5.9.14
30 Sep 2024 11:59:00
     |
Olivier Cochard (olivier)  |
security/strongswan: fix build on current
Backport upstream commit a7f617ab3328153939cb757a5cf9001071ef8720
PR: 280435
Approved by: kwf@nanoteq.com (maintainer) |
5.9.14
20 Apr 2024 17:13:10
|
Fernando Apesteguía (fernape)
Author: Jose Luis Duran |
security/strongswan: Update to 5.9.14
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.14
PR: 278137
Reported by: jlduran@gmail.com
Approved by: strongswan@Nanoteq.com (maintainer, timeout > 2 weeks) |
5.9.13_1
25 Feb 2024 13:25:54
|
Muhammad Moinur Rahman (bofh) |
security/strongswan: Moved man to share/man
Approved by: portmgr (blanket) |
5.9.13
10 Dec 2023 17:16:32
|
Fernando Apesteguía (fernape)
Author: Jose Luis Duran |
security/strongswan: Update to 5.9.13
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.13
PR: 275620
Reported by: jlduran@gmail.com
MFH: 2023Q4 (security fix)
Security: CVE-2023-41913 |
5.9.11_3
24 Nov 2023 08:03:00
|
Eugene Grosbein (eugen) |
security/strongswan: fix CVE-2023-41913
This is urgent change adding official patch
https://download.strongswan.org/security/CVE-2023-41913/strongswan-5.9.7-5.9.11_charon_tkm_dh_len.patch
that is identical to the change made for strongswan-5.9.12:
https://github.com/strongswan/strongswan/commit/96d793718955820dfe5e6d8aa6127a34795ae39e
It is upto port maintainer to review and maybe upgrade the port to 5.9.12
Obtained from: strongSwan
Security: CVE-2023-41913 |
5.9.11_2
30 Aug 2023 08:00:13
 |
Fernando Apesteguía (fernape)
Author: Jose Luis Duran |
security/strongswan: Explicitly set sysconfdir
This allows for proper substitution in manual pages.
PR: 273138
Reported by: jlduran@gmail.com
Reviewed by: strongswan@Nanoteq.com (maintainer timeout > 2 weeks) |
5.9.11_1
03 Aug 2023 06:21:21
|
Fernando Apesteguía (fernape)
Author: Matteo Riondato |
security/strongswan: Fix route installation
cherry-pick upstream commit a619356 to fix route installation on FreeBSD
PR: 272841
Reported by: matteo@FreeBSD.org
Approved by: strongswan@Nanoteq.com (maintainer) |
5.9.11
28 Jul 2023 12:33:23
|
Fernando Apesteguía (fernape)
Author: Matteo Riondato |
security/strongswan: Update to 5.9.11
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.11
PR: 272739
Reported by: matteo@FreeBSD.org
Approved by: strongswan@Nanoteq.com (maintainer) |
5.9.10_1
29 Mar 2023 12:47:31
|
Fernando Apesteguía (fernape) |
security/strongswan: Fix TLS 1.2 in EAP-TLS plugin
Cherry pick commit from upstream.
PR: 270380
Reported by: dronmbi@gtn.ru
Approved by: strongswan@Nanoteq.com (maintainer) |
5.9.10
05 Mar 2023 15:38:18
|
Kurt Jaeger (pi) |
security/strongswan: upgrade 5.9.9 -> 5.9.10 to fix CVE-2023-26463
See also:
https://www.strongswan.org/blog/2023/03/02/strongswan-vulnerability-(cve-2023-26463).html
PR: 269976
Approved-by: Francois ten Krooden <strongswan@Nanoteq.com> (maintainer)
Changelog: https://github.com/strongswan/strongswan/releases/tag/5.9.10 |
5.9.9_2
04 Mar 2023 06:31:16
|
Eugene Grosbein (eugen) |
security/strongswan: fix CVE-2023-26463
This is urgent change adding official patch
https://download.strongswan.org/security/CVE-2023-26463/strongswan-5.9.8-5.9.9_tls_auth_bypass_exp_pointer.patch
It is upto port maintainer to review and maybe upgrade
the port to 5.9.10.
Obtained from: strongSwan
Security: CVE-2023-26463 |
5.9.9_1
08 Feb 2023 10:53:56
|
Muhammad Moinur Rahman (bofh) |
Mk/**ldap.mk: Convert USE_LDAP to USES=ldap
Convert the USE_LDAP=yes to USES=ldap and adds the following features:
- Adds the argument USES=ldap:server to add openldap2{4|5|6}-server as
RUN_DEPENDS
- Adds the argument USES=ldap<version> and replaces WANT_OPENLDAP_VER
- Adds OPENLDAP versions in bsd.default-versions.mk
- Adds USE_OPENLDAP/WANT_OPENLDAP_VER in Mk/bsd.sanity.mk
- Changes consumers to use the features
Reviewed by: delphij
Approved by: portmgr
Differential Revision: https://reviews.freebsd.org/D38233 |
5.9.9_1
15 Jan 2023 18:14:17
|
Fernando Apesteguía (fernape)
Author: Jose Luis Duran |
security/strongswan: Remove --with-lib-prefix
Remove flag already in the default option.
PR: 268918
Reported by: jlduran@gmail.com
Approved by: strongswan@Nanoteq.com (maintainer, implicit in PR) |
5.9.9
14 Jan 2023 17:13:48
|
Fernando Apesteguía (fernape)
Author: Jose Luis Duran |
security/strongswan: Update to 5.9.9
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.9
PR: 268918 262743
Reported by: jlduran@gmail.com
Approved by: strongswan@Nanoteq.com (maintainer) |
5.9.8_1
26 Oct 2022 14:35:42
|
Nuno Teixeira (eduardo)
Author: Jose Luis Duran |
security/strongswan: Add GCM option to OPTIONS_DEFAULT
Avoid the message:
"plugin 'gcm': failed to load - gcm_plugin_create not found and no
plugin file available"
According to strongSwan's 5.9.8 release notes[1]:
The gcm plugin has been enabled by default, so that the TLS 1.3 unit
tests (now indirectly enabled if the pki tool is built due to the
implementation of EST) can be completed successfully with just the
default plugins.
Let's also enable it by default.
[1]: https://github.com/strongswan/strongswan/releases/tag/5.9.8
PR: 267352 |
5.9.8
19 Oct 2022 16:45:55
|
Fernando Apesteguía (fernape)
Author: Franco Fichtner |
security/strongswan: update to 5.9.8
ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.8
Fixes CVE-2022-40617.
PR: 267037
Reported by: franco@opnsense.org
Approved by: strongswan@Nanoteq.com (maintainer, implicit)
MFH: 2022Q4 (security update)
Security: CVE-2022-40617 DoS attack vulnerability |
07 Sep 2022 21:58:51
|
Stefan Eßer (se) |
Remove WWW entries moved into port Makefiles
Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner) |
5.9.6_2
07 Sep 2022 21:10:59
|
Stefan Eßer (se) |
Add WWW entries to port Makefiles
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above  ) |
5.9.6_2
16 Jun 2022 14:41:07
|
Fernando Apesteguía (fernape)
Author: Francois ten Krooden |
security/strongswan: Fix key derivation
An issue in the upstream port causes key derivation to fail in version 5.9.6.
A work around is to enable the KDF pluging by default.
PR: 264667
Reported by: strongswan@Nanoteq.com (maintainer) |
5.9.6_1
01 Jun 2022 22:03:17
|
Dries Michiels (driesm)
Author: Björn König |
security/strongswan: add CTR plugin option
PR: 264354
Approved by: Francois ten Krooden (maintainer) |
5.9.6
09 May 2022 22:28:02
|
Dries Michiels (driesm)
Author: Dani I |
security/strongswan: Update to 5.9.6
Changes: https://github.com/strongswan/strongswan/releases/tag/5.9.6
PR: 263748
Approved by: Francois ten Krooden (maintainer) |
5.9.5
26 Jan 2022 18:38:42
|
Dries Michiels (driesm)
Author: Michael Glaus |
security/strongswan: Update to 5.9.5
Changes: https://github.com/strongswan/strongswan/releases/tag/5.9.5
PR: 261462
Approved by: Francois ten Krooden <strongswan@Nanoteq.com> (maintainer)
MFH: 2022Q1
Security: CVE-2021-45079 |
5.9.4
20 Oct 2021 07:19:32
|
Li-Wen Hsu (lwhsu)
Author: Dani |
security/strongswan: Update to 5.9.4
Security & Bugfix Update to 5.9.4:
- Changelog: https://github.com/strongswan/strongswan/releases/tag/5.9.4
- While here change repos to https
- Fix CVE-2021-41990:
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41990).html
- Fix CVE-2021-41991:
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41991).html
PR: 259267
Approved by: strongswan@Nanoteq.com (maintainer)
MFH: 2021Q4 |
5.9.3
03 Aug 2021 06:38:33
|
Guangyuan Yang (ygy)
Author: Jose Luis Duran |
security/strongswan: Update to 5.9.3
Changelog: https://github.com/strongswan/strongswan/releases/tag/5.9.3
PR: 257564
Approved by: strongswan@Nanoteq.com (maintainer) |
5.9.2_2
19 May 2021 11:23:52
|
Juraj Lutter (otis)
Author: Sergey Akhmatov |
security/strongswan: Fix default control-interface
Fix default control-interface in rc.d script and also
make it user-selectable at build time, defaulting to VICI.
Also mention this change in pkg-message, as previously the
default was "stroke" and it was changed to "vici" with
only a short notice in UPDATING, that was not displayed
when using binary upgrades.
Committing a portfmt'd version.
PR: 255952
Approved by: strongswan@Nanoteq.com (maintainer) |
5.9.2_1
06 Apr 2021 14:31:13
|
Mathieu Arnold (mat) |
all: Remove all other $FreeBSD keywords. |
5.9.2_1
06 Apr 2021 14:31:07
|
Mathieu Arnold (mat) |
Remove # $FreeBSD$ from Makefiles. |
5.9.2_1
17 Mar 2021 19:12:32
  |
amdmi3 |
security/strongswan: use "vici" interface instead of deprecated "stroke" by
default
Add UPDATING entry with migration instruction.
PR: 249865
Submitted by: driesm.michiels@gmail.com
Approved by: strongswan@nanoteq.com (maintainer) |
5.9.2
09 Mar 2021 06:45:55
|
fernape |
security/strongswan: Update to 5.9.2
ChangeLog: https://wiki.strongswan.org/versions/80
While here, pet linters
PR: 254047
Submitted by: jlduran@gmail.com
Approved by: strongswan@Nanoteq.com (maintainer) |
5.9.1
29 Dec 2020 22:24:24
|
jrm |
security/strongswan: Update to version 5.9.1
Changelog: https://wiki.strongswan.org/versions/79
PR: 252202
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@nanoteq.com (maintainer) |
5.9.0
25 Sep 2020 14:05:49
|
pi |
security/strongswan: update 5.8.4 -> 5.9.0
- Also link the tpm2-tss package for testing with the TPM plugin:
https://wiki.strongswan.org/projects/strongswan/wiki/TpmPlugin
PR: 249470
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer)
Relnotes: https://wiki.strongswan.org/versions/78 |
5.8.4_1
20 May 2020 18:50:26
|
fernape |
security/strongswan: Add TEST_TARGET
make test passes OK
PR: 246535
Submitted by: jlduran@gmail.com
Reviewed by: strongswan@Nanoteq.com (maintainer) |
5.8.4
13 Apr 2020 18:02:16
|
garga |
security/strongswan: Update to 5.8.4
PR: 245199
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer)
Sponsored by: Rubicon Communications, LLC (Netgate) |
5.8.3
29 Mar 2020 06:26:59
|
joneum |
Update to 5.8.3
PR: 245087
Sponsored by: Netzkommune GmbH |
5.8.2_1
31 Jan 2020 16:39:19
|
0mp |
security/strongswan: Add PYTHON plugin option for a VICI protocol plugin
PR: 243254
Submitted by: Dries Michiels <driesm.michiels@gmail.com>
Approved by: maintainer
Event: Brussels DevSummit 2020 |
5.8.2_1
11 Jan 2020 15:38:12
|
meta |
security/strongswan: load ipsec kernel module by rc script
From the following discussion: https://reviews.freebsd.org/D20163
It makes sense to add ipsec as required module for the rc script
of strongSwan.
PR: 243316
Submitted by: Dries Michiels <driesm.michiels@gmail.com>
Approved by: maintainer |
5.8.2
30 Dec 2019 14:49:54
|
garga |
security/strongswan: Update to 5.8.2
PR: 242687
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications, LLC (Netgate) |
5.8.1
30 Sep 2019 17:06:23
|
garga |
Add a new option to enable PKCS11 plugin
PR: 240684
Approved by: strongswan@Nanoteq.com (maintainer)
Obtained from: pfSense
Sponsored by: Rubicon Communications, LLC (Netgate) |
5.8.1
24 Sep 2019 18:03:14
|
swills |
security/strongswan: update to 5.8.1
PR: 240316
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer) |
5.8.0
21 Aug 2019 01:59:58
|
meta |
security/strongswan: Add support for the VIA Padlock plugin
PR: 239458
Submitted by: Evgeny <mojolicious@yandex.com> (initial revision)
strongswan@Nanoteq.com (maintainer, brushed-up revision)
Approved by: strongswan@Nanoteq.com (maintainer) |
5.8.0
14 Aug 2019 03:26:09
|
meta |
Implement new virtual category: net-vpn for VPN related ports
based on discussion at ports@ [1]. As VPN softwares are put in different
physical category net and security. This is a little bit confusing. Let's
give them new virtual category net-vpn.
[1] https://lists.freebsd.org/pipermail/freebsd-ports/2019-April/115915.html
PR: 239395
Submitted by: myself
Approved by: portmgr (mat)
Differential Revision: https://reviews.freebsd.org/D21174 |
5.8.0
29 May 2019 12:12:50
|
garga |
security/strongswan: Update to 5.8.0
PR: 238173
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications, LLC (Netgate) |
5.7.2_2
09 Mar 2019 10:37:14
|
pi |
security/strongswan: add vici-based configuration for the rc script
The rc script is modified to allow both a legacy (ipsec.conf-based)
startup or a new (swanctl.conf-based) config. Default is the legacy.
The new setup is based on vici, the Versatile IKE Configuration Interface.
For more details, see:
https://wiki.strongswan.org/projects/strongswan/wiki/Vici
PR: 234648
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Reviewed by: Sam Chen <sc.gear@one.caeon.com>
Approved by: strongswan@Nanoteq.com (maintainer)
Differential Revision: D19367 |
5.7.2_1
09 Mar 2019 09:49:59
|
pi |
security/strongswan: add PAM to XAUTH
PR: 236218
Submitted by: Franco Fichtner <franco@opnsense.org>
Approved by: strongswan@Nanoteq.com (maintainer) |
5.7.2_1
05 Mar 2019 20:14:17
|
swills |
security/strongswan: Minor port improvements
- Follow the same patching logic for swanctl.conf as the other config
files.
- Silence warning: $strongswan_enable not properly set.
PR: 235340
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer) |
5.7.2
14 Jan 2019 16:00:50
|
swills |
security/strongswan: update to version 5.7.2
PR: 234882
Submitted by: Jose Luis Duran <jlduran@gmail.com>
Approved by: strongswan@Nanoteq.com (maintainer) |
5.7.1
02 Oct 2018 11:00:10
|
garga |
security/strongswan: Update to 5.7.1
PR: 231862
Approved by: maintainer
Obtained from: pfSense
MFH: 2018Q4
Security: CVE-2018-16151 CVE-2018-16152
Sponsored by: Rubicon Communications, LLC (Netgate) |
5.7.0
02 Oct 2018 10:58:37
|
garga |
security/strongswan: Fix rc startup script to support rc.conf settings like
_nice, _fib
Do not bump version since I'll commit the upgrade to 5.7.1 just after it
PR: 211108
Submitted by: Dmitry Wagin <dmitry.wagin@ya.ru>
Approved by: maintainer
Sponsored by: Rubicon Communications, LLC (Netgate) |
5.7.0
26 Sep 2018 13:03:49
|
garga |
- Update security/strongswan to 5.7.0
- While here, silence portlint warning renaming option IKEv1 to IKEV1
PR: 231720
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications, LLC (Netgate) |
5.6.3
31 May 2018 12:39:52
|
krion |
Update to 5.6.3
Fixes:
- Denial-of-Service Vulnerability in the IKEv2 key derivation
(CVE-2018-10811)
- Denial-of-Service Vulnerability in the stroke plugin
(CVE-2018-5388)
- Crash on FreeBSD that was present in 5.6.2
- The kernel-pfkey plugin optionally installs routes via internal
interface (one with an IP in the local traffic selector). On
FreeBSD, enabling this selects the correct source IP when sending
packets from the gateway itself.
PR: 228631
Submitted by: maintainer |
5.6.2_1
06 Mar 2018 21:56:48
|
yuri |
security/strongswan: Fix crash in public key authentication with 5.6.2
While here, added LICENSE_FILE.
PR: 226404
Submitted by: strongswan@Nanoteq.com (maintainer)
Approved by: tcberner (mentor, implicit) |
5.6.2
01 Mar 2018 13:53:15
|
garga |
- Update security/strongswan to 5.6.2 [1]
- Enable CURL option by default [2]
PR: 226043 [1], 220488 [2]
Submitted by: strongswan@Nanoteq.com (maintainer) [1]
karl@denninger.net [2]
Approved by: maintainer [2]
MFH: 2018Q1
Security: CVE-2018-6459
Sponsored by: Rubicon Communications, LLC (Netgate) |
5.6.0
22 Sep 2017 10:48:29
|
mat |
Remove USES=execinfo.
PR: 220271
Submitted by: mat (review), Yasuhiro KIMURA (PR)
Sponsored by: Absolight
Differential Revision: https://reviews.freebsd.org/D11488 |
5.6.0
23 Aug 2017 06:10:20
|
pi |
security/strongswan: update 5.5.3 -> 5.6.0
- the gmp plugin responsible for CVE-2017-11185 is not enabled
in the FreeBSD build
PR: 221716
Relnotes: https://wiki.strongswan.org/versions/66
Reported by: i.dani@outlook.com
Approved by: strongswan@nanoteq.com (maintainer) |
5.5.3
19 Jul 2017 10:29:38
|
olivier |
Update strongswan to 5.5.3
PR: 220823
Submitted by: strongswan@Nanoteq.com (maintainer)
Reported by: i.dani@outlook.com |
5.5.2_1
10 May 2017 06:12:27
|
olivier |
Add option for enabling mediation feature (like STUN for IPSec peers)
Approved by: strongswan@nanoteq.com (maintainer)
Sponsored by: Orange |
5.5.2
12 Apr 2017 17:25:34
|
garga |
Update security/strongswan to 5.5.2
PR: 218430
Approved by: maintainer
Sponsored by: Rubicon Communications (Netgate) |
5.5.1_1
03 Mar 2017 04:12:21
|
miwi |
- Chase ldns shlip bump
PR: 217495 |
5.5.1
21 Nov 2016 10:43:45
|
garga |
Update security/strongswan to 5.5.1
PR: 213844
Approved by: strongswan@Nanoteq.com (maintainer)
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate) |
5.5.0
12 Sep 2016 18:28:20
|
marino |
security/strongswan: Fix build with LibreSSL
Approved by: SSL blanket |
5.5.0
19 Jul 2016 16:38:12
|
garga |
Update security/strongswan to 5.5.0
PR: 211095
Submitted by: strongswan@Nanoteq.com (maintainer) |
5.4.0
03 Apr 2016 14:59:51
|
junovitch |
security/strongswan: unbreak FreeBSD 9 builds
- Add patch to include sys/endian.h header
PR: 208446
Submitted by: strongswan@Nanoteq.com (maintainer)
MFH: 2016Q2 (build fix blanket) |
5.4.0
01 Apr 2016 14:25:18
|
mat |
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.
With hat: portmgr
Sponsored by: Absolight |
5.4.0
23 Mar 2016 16:21:15
|
garga |
Update security/strongswan to 5.4.0
PR: 208219
Approved by: swan@nanoteq.com (maintainer)
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate) |
5.3.5_4
15 Mar 2016 06:21:32
|
ohauer |
- bump PORTREVISION on ports depending on unbound
PR: 207948
Submitted by: jaap@NLnetLabs.nl (maintainer) |
5.3.5_3
17 Feb 2016 02:34:06
|
junovitch |
security/strongswan: enable options to increase usefulness of default pkg
- Enable PKI, SWANCTL, and VICI options (no external dependencies)
- Document IMPLIES dependency on VICI for SWANCTL; mention in SWANCTL_DESC
- Bump PORTREVISION
PR: 205438
Reported by: Nick B <nicblais@clkroot.net>
Submitted by: strongswan@Nanoteq.com (maintainer) |
5.3.5_2
04 Feb 2016 15:58:30
|
erwin |
- Update unbound to 1.5.7
- Bump PORTREVISIOn on dependent ports
Some Upgrade Notes:
This release fixes a validation failure for nodata with wildcards and
emptynonterminals. Fixes OpenSSL Library compability. Fixes correct
response for malformed EDNS queries. For crypto in libunbound there is
libnettle support.
Qname minimisation is implemented. Use qname-minimisation: yes to
enable it. This version sends the full query name when an error is
found for intermediate names. It should therefore not fail for names
on nonconformant servers. It combines well with
harden-below-nxdomain: yes because those nxdomains are probed by the (Only the first 15 lines of the commit message are shown above ) |
5.3.5_1
03 Dec 2015 16:34:55
|
garga |
Bump PORTREVISION to help users with custom OPTIONS to get the fix
committed in r402880, as suggested by AMDmi3 |
5.3.5
03 Dec 2015 16:27:07
|
garga |
Add @sample to gcm.conf missed when I introduced it. No bump on PORTREVISION
since GCM is disabled by default
Submitted by: Jose Luis Duran
Obtained from: https://github.com/pfsense/FreeBSD-ports/pull/2 |
5.3.5
02 Dec 2015 10:58:16
|
garga |
Update security/strongswan to 5.3.5
PR: 204959
Approved by: strongswan@Nanoteq.com (maintainer)
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate) |
5.3.4
16 Nov 2015 14:08:25
|
garga |
Update security/strongswan to 5.3.4
PR: 204597
Submitted by: strongswan@nanoteq.com (maintainer)
MFH: 2015Q4
Security: CVE 2015-8023
Security: https://github.com/strongswan/strongswan/commit/453e204ac40dfff2e0978e8f84a5f8ff0cbc45e2
Sponsored by: Rubicon Communications (Netgate) |
5.3.3_2
09 Nov 2015 16:56:08
|
garga |
Backport a couple of commits from master, that will be present in 5.3.4:
- dff2d05bb9 [1]: kernel-pfKey: Enable AES-CTR
- 04f22cdabc [2]: VICI: add NAT information
Bump PORTREVISION
[1]
https://github.com/strongswan/strongswan/commit/dff2d05bb9bec684b3b2efdafc9a47219550bbe1
[2]
https://github.com/strongswan/strongswan/commit/04f22cdabc1c97d38692f95392429839f0fa90d1
PR: 204398
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate) |
5.3.3_1
29 Oct 2015 12:42:30
|
garga |
- Add a new option, SWANCTL, to install swanctll utility
- When VICI option is selected, install libvici.h to include directory,
it's useful when you need to build a custom code linked to libvici
- Pass path to USE_LDCONFIG otherwise libraries will not be visible
PR: 204098
Approved by: maintainer
Obtained from: pfSense
Sponsored by: Rubicon Communications (Netgate) |
5.3.3_1
28 Oct 2015 14:27:28
|
garga |
- Add a new option (VICI) to build VICI management protocol
- Change SMP option description to show users it's deprecated
PR: 204090
Approved by: maintainer |
5.3.3_1
27 Oct 2015 13:27:17
|
garga |
strongSwan can be beuit using 3 different printf hooks: builtin, glibc
(compatible with FreeBSD's libc) and vstr (devel/vstr). Since it's not
selected any of them on CONFIGURE_ARGS, it uses auto, and end up using
glibc.
pfSense users reported memory leaks on strongSwan [2] [3] and a it was
reported to upstream [1].
Add a single option and let user choose which printf hook to use, and
change default to use builtin. Bump PORTREVISION due to default change
[1] https://wiki.strongswan.org/issues/1106
[2] https://forum.pfsense.org/index.php?topic=96767.0
[3] https://redmine.pfsense.org/issues/5149
PR: 204051
Approved by: maintainer
Obtained from: pfSense
MFH: 2015Q4
Sponsored by: Rubicon Communications (Netgate) |
5.3.3
21 Sep 2015 11:28:46
|
garga |
Fix pkg-descr, Strongswan supports IKEv1 since version 5.0.0
Spotted by: Jim Thompson <jim@netgate.com>
Approved by: strongswan@Nanoteq.com (maintainer)
Sponsored by: Rubicon Communications (Netgate) |
5.3.3
21 Sep 2015 11:02:22
|
garga |
Update security/strongswan to 5.3.3
PR: 203178
Approved by: strongswan@Nanoteq.com (maintainer)
Sponsored by: Rubicon Communications (Netgate) |
5.3.2
09 Jun 2015 09:51:07
|
garga |
Update to 5.3.2
PR: 200721
Approved by: strongswan@Nanoteq.com (maintainer)
MFH: 2015Q2
Security: CVE-2015-3991
Sponsored by: Netgate |
5.3.0_1
24 Apr 2015 10:57:02
|
garga |
Fix PLIST when EAPAKA3GPP2 is unset and EAPDYNAMIC is set
PR: 199652
Approved by: stronswan@Nanoteq.com (maintainer)
Sponsored by: Netgate |
5.3.0_1
22 Apr 2015 22:53:43
|
amdmi3 |
- Add CPE info
Approved by: portmgr blanket |
5.3.0_1
16 Apr 2015 12:55:39
|
feld |
Add patches to fix Strongswan Management Protocol
SMP is an XML control interface for Strongswan used by pfSense and
Opnsense. SMP has been deprecated by upstream since 5.2.0 in favor of a
newer IPC mechanism called VICI. As a result upstream is not motivated
to take patches for SMP, and this uses non-portable strlcpy anyway.
The code has not been deleted from the project and if we can bludgeon it
into a working state I see no harm.
PR: 199442 |
5.3.0
01 Apr 2015 10:28:10
|
garga |
- Update to 5.3.0
- Add a new option UNITY, to enable Cisco unity extension plugin
PR: 199064
Approved by: maintainer
Sponsored by: Netgate |
5.2.2_1
25 Feb 2015 10:03:53
|
garga |
- Add GCM and SMP options
- Add pkgconfig to the list of dependencies
- Enable IKEv1 OPTION by default
- Bump PORTREVISION
PR: 197824
Submitted by: Franco Fichtner <franco@lastsummer.de> (based on)
Reworked by: strongswan@Nanoteq.com (maintainer)
Approved by: strongswan@Nanoteq.com (maintainer) |
5.2.2
09 Jan 2015 17:15:42
|
garga |
- Update to 5.2.2
- Add LICENSE
PR: 196615
Approved by: strongswan@Nanoteq.com (maintainer)
Security: CVE-2014-9221 |
5.2.1
14 Dec 2014 21:43:04
|
pawel |
- Update to version 5.2.1 [1]
- Convert to USES=execinfo
- Fix LDAP, MYSQL options
PR: 195580 [1]
Submitted by: maintainer [1] |
5.2.0_1
31 Oct 2014 15:46:34
|
bapt |
Remove useless %D
Notified by: antoine |
5.2.0_1
31 Oct 2014 15:43:47
|
bapt |
Simplify plist |
5.2.0_1
22 Aug 2014 09:06:35
|
amdmi3 |
- Switch dns/unbound to USES=libtool, drop .la files
- Bump dependent ports as .so version has changed
- While here, add LICENSE_FILE to dns/getdns
Approved by: portmgr blanket |
5.2.0
19 Aug 2014 13:40:31
|
marino |
security/strongswan: Upgrade version 5.1.3 => 5.2.0
While here, including missing library files and use install-strip
target. Maintainer added a crash fix patch while reviewing.
PR: 192366
Submitted by: dewayne (heruristicssystems.com.au)
Approved by: maintainer (strongswan nanoteq.com) |
5.1.3_2
24 Jul 2014 18:34:16
|
tijl |
net/openldap24-*:
- Convert to USES=libtool and bump dependent ports
- Avoid USE_AUTOTOOLS
- Don't use PTHREAD_LIBS
- Use MAKE_CMD
databases/glom:
- Drop :keepla
- Add INSTALL_TARGET=install-strip
databases/libgda4* databases/libgda5*:
- Convert to USES=libtool and bump dependent ports
- USES=tar:xz
- Use INSTALL_TARGET=install-strip
- Use @sample (Only the first 15 lines of the commit message are shown above ) |
5.1.3_1
27 Jun 2014 17:21:07
|
miwi |
- Chase database/sqlite3 slib bump
Approved by: portmgr (myself) |
5.1.3
15 May 2014 12:47:20
|
pi |
security/strongswan: update 5.1.1 -> 5.1.3 with security update
- Update strongSwan port to 5.1.3 to resolve CVE 2014-2338
- Fixed rcvar issue with FreeBSD 10 (ports/186865)
- Added building of additional tools included in strongswan (ports/186867)
- libtool fix
- pkg-plist updated
PR: ports/189132, ports/186865, ports/186867
Submitted by: Robert Sevat, Dewayne Geraghty, Francois ten Krooden
(maintainer)
Approved by: jadawin (mentor) |
5.1.1_1
14 Feb 2014 14:37:36
|
decke |
- Use OPTIONS_SUB=yes
- Prefer ${INSTALL_DATA} over ${MV}
- Whitespace fix
Thanks to: garga@ |
5.1.1_1
09 Feb 2014 18:15:13
|
antoine |
- Remove MANx, man pages are already moved to plist
- Use new LIB_DEPENDS syntax |
5.1.1_1
07 Feb 2014 14:55:11
|
decke |
- Add missing manpages
PR: ports/186264
Submitted by: HASHI Hiroaki <hashiz@meridiani.jp>
Approved by: strongswan <strongswan@Nanoteq.com> (maintainer) |
5.1.1
27 Jan 2014 13:35:41
|
decke |
- Update to 5.1.1
- Added EAP dynamic proxy module
- Added EAP Radius proxy authentication
- Added DNSSEC/unbound support
- Added kernel libipsec plugin
- Changed configuration files to install to ${PREFIX}/etc/<filename>.conf.sample
- Convert to new options format
PR: ports/185535
Submitted by: Francois ten Krooden <strongswan@nanoteq.com> (maintainer)
Security: CVE-2013-5018
Security: CVE-2013-6075
Security: CVE-2013-6076 |
5.0.4_1
20 Sep 2013 22:55:26
|
bapt |
Add NO_STAGE all over the place in preparation for the staging support (cat:
security) |
5.0.4_1
11 Jul 2013 16:26:27
|
sunpoet |
- Update to 7.31.0
- Bump PORTREVISION for ftp/curl shlib change
- Add TEST_DEPENDS
- Convert to new options framework
- Adjust options:
- Add COOKIES
- Add CYASSL, NSS, POLARSSL, THREADED_RESOLVER, TLS_SRP [1]
- Add GSSAPI and SPNEGO [2]
- Remove KERBEROS4
- Rename LIBIDN to IDN
- Remove TRACKMEMORY [1]
- Sort option handler
- Add SLAVEDIRS: ftp/curl-hiphop
- Cosmetic change
- Cleanup Makefile header
- While I'm here, fix typo (PORTREVSION) in x11-wm/ede/Makefile
Changes: http://curl.haxx.se/changes.html
PR: ports/172325 (-exp run), ports/177369 (based on) [1]
Submitted by: Hirohisa Yamaguchi <umq@ueo.co.jp> [1], hrs (via email) [2]
Exp run by: miwi |
5.0.4
03 May 2013 18:16:36
|
ohauer |
- update to version 5.0.4 which fixes CVE-2013-2944.
- add entry to vuxml
- add CVE references to jankins vuxml entry
while I'm here remove .sh from rc script
PR: ports/178266
Submitted by: David Shane Holden <dpejesh@yahoo.com>
Approved by: strongswan@nanoteq.com (maintainer) |
5.0.1
07 Jan 2013 12:11:15
|
tota |
- Update to 5.0.1
- Change maintainer address
- Trim Makefile header
- Convert to new options framework
- Cleanup
PR: ports/173860 (based on)
Submitted by: Riaan Kruger (maintainer) |
As an Amazon Associate I earn from qualifying purchases.
