Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package strongswan for openSUSE:Factory checked in at 2026-03-26 21:07:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/strongswan (Old) and /work/SRC/openSUSE:Factory/.strongswan.new.8177 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "strongswan" Thu Mar 26 21:07:21 2026 rev:105 rq:1342125 version:6.0.5 Changes: -------- --- /work/SRC/openSUSE:Factory/strongswan/strongswan.changes 2025-12-15 11:44:32.644572739 +0100 +++ /work/SRC/openSUSE:Factory/.strongswan.new.8177/strongswan.changes 2026-03-27 06:50:27.260311440 +0100 @@ -1,0 +2,20 @@ +Mon Mar 23 15:09:04 UTC 2026 - Jan Engelhardt <[email protected]> + +- Update to release 6.0.5 + * Fixed a vulnerability in the eap-ttls plugin related to + processing EAP-TTLS AVPs that can lead to resource exhaustion + or a crash. [CVE-2026-25075] + * The new `icmp` option enables the forwarding of certain ICMP + error messages (e.g. Fragmentation Needed), even if their + source address doesn't match the negotiated traffic selectors, + when running on Linux kernels that support this (v6.9+). + * charon-cmd now supports childless IKE SA initiation with the + `--childless` option. + * The dhcp plugin now keeps track of address leases across + make-before-break reauthentications to avoid releasing the + address when the old SA is terminated + * Added support for `organizationIdentifier` RDNs, which are used + in e.g. eIDAS certificates, when parsing ASN.1 DN identities + from strings. + +------------------------------------------------------------------- Old: ---- strongswan-6.0.4.tar.bz2 strongswan-6.0.4.tar.bz2.sig New: ---- strongswan-6.0.5.tar.bz2 strongswan-6.0.5.tar.bz2.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ strongswan.spec ++++++ --- /var/tmp/diff_new_pack.QWhJWB/_old 2026-03-27 06:50:29.976423288 +0100 +++ /var/tmp/diff_new_pack.QWhJWB/_new 2026-03-27 06:50:29.996424111 +0100 @@ -39,7 +39,7 @@ %bcond_without systemd Name: strongswan -Version: 6.0.4 +Version: 6.0.5 Release: 0 Summary: IPsec-based VPN solution License: GPL-2.0-or-later @@ -568,6 +568,45 @@ %config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xauth-pam.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/xcbc.conf %config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon/bypass-lan.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/af-alg.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/agent.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/blowfish.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/bypass-lan.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/ccm.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/cmac.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/constraints.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/ctr.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/curl.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/drbg.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/eap-gtc.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/eap-identity.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/eap-md5.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/eap-mschapv2.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/eap-peap.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/eap-tls.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/eap-ttls.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/fips-prf.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/gcm.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/gcrypt.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/gmp.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/kdf.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/kernel-netlink.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/ldap.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/md4.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/mgf1.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/nonce.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/openssl.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/pem.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/pkcs1.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/pkcs11.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/pkcs7.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/pkcs8.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/random.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/revocation.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/socket-default.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/sshkey.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/x509.conf +%config(noreplace) %attr(600,root,root) %{strongswan_configs}/charon-nm/xcbc.conf %dir %{strongswan_libdir} %if %{with integrity} %{strongswan_libdir}/libchecksum.so @@ -875,6 +914,7 @@ %strongswan_plugins/libstrongswan-stroke.so %dir %strongswan_configs/ %dir %strongswan_configs/charon/ +%dir %strongswan_configs/charon-nm/ %config(noreplace) %attr(600,root,root) %strongswan_configs/starter.conf %config(noreplace) %attr(600,root,root) %strongswan_configs/charon/stroke.conf %dir %strongswan_templates/ ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.QWhJWB/_old 2026-03-27 06:50:30.464443384 +0100 +++ /var/tmp/diff_new_pack.QWhJWB/_new 2026-03-27 06:50:30.512445361 +0100 @@ -1,5 +1,5 @@ -mtime: 1765620213 -commit: 13db2b9d8d905efd0e52a3a93becf9d8e714ab0825465a590f3ee290f5026887 +mtime: 1774279095 +commit: fb2acacd836cffe23a5a42057599cf7c3c95597c9d400ed07de758a84b634300 url: https://src.opensuse.org/jengelh/strongswan revision: master ++++++ build.specials.obscpio ++++++ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2026-03-23 16:18:28.000000000 +0100 @@ -0,0 +1 @@ +.osc ++++++ strongswan-6.0.4.tar.bz2 -> strongswan-6.0.5.tar.bz2 ++++++ ++++ 19895 lines of diff (skipped)
