summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorBernhard Schmidt <berni@debian.org>2019-03-07 21:38:56 +0100
committerBernhard Schmidt <berni@debian.org>2019-03-07 21:38:56 +0100
commitcfcec33bd88faeb354a33bd5f8052486ac848f9a (patch)
tree8e1ace9a34f5ee12b34416b02d514da67d54c907 /debian/changelog
parent7486cf05cdeb6996fdf249e5a2f15d93a47dbac1 (diff)
parenta351f71e82badcc71a2ce881bbb97eccfcebc06b (diff)
Merge tag 'debian/2.4.7-1' into stretch-backports
openvpn Debian release 2.4.7-1
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog101
1 files changed, 77 insertions, 24 deletions
diff --git a/debian/changelog b/debian/changelog
index 91bcf9e..f676f8d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,14 +1,68 @@
-openvpn (2.4.4-2~bpo9+1) stretch-backports; urgency=medium
+openvpn (2.4.7-1) unstable; urgency=medium
- * Rebuild for stretch-backports.
- - Revert to OpenSSL 1.0.2, libpkcs11-helper1-dev is not compatible
- with OpenSSL 1.1.0 in stretch
+ [ Bernhard Schmidt ]
+ * New upstream version 2.4.7
+ - improvements regarding TLSv1.3
+ - Add CAP_AUDIT_WRITE for auth_pam for upstream units (Closes: #868806)
+ * adjust kfreebsd_support.patch for new upstream version
+ * Also Add CAP_AUDIT_WRITE for auth_pam for openvpn@.service (Closes: #868806)
+ * openvpn@.service: Bump LimitNPROC to 100, see #861923
+
+ [ Simon Deziel ]
+ * d/control: suggests openvpn-systemd-resolved (Closes: #913265)
+
+ [ Hilko Bengen ]
+ * Avoid hangs when spawning child processes by not setting pkcs11-helper
+ "safe fork mode" (Closes: #772812, #900805, #907452)
- -- Bernhard Schmidt <berni@debian.org> Sat, 30 Dec 2017 22:21:24 +0100
+ -- Bernhard Schmidt <berni@debian.org> Wed, 20 Feb 2019 14:50:03 +0100
+
+openvpn (2.4.6-1) unstable; urgency=medium
+
+ [ Jörg Frings-Fürst ]
+ * New upstream release.
+ - Refresh patches.
+ - Fix "does not start if link-mtu is too low" (Closes: #867113).
+ - Fix "auth-tokens are purged if auth-nocache is set" (Closes: #883601).
+ * Migrate to debhelper 11:
+ - Change debian/compat to 11.
+ - Bump minimum debhelper version in debian/control to >= 11.
+ * Declare compliance with Debian Policy 4.1.5 (No changes needed).
+ * New debian/patches/spelling_errors.patch to correct spelling errors.
+ * New debian/patches/systemd.patch to remove obsolete syslog.target.
+ * debian/changelog:
+ - Rewrite to DEP5 copyright format.
+ * debian/control:
+ - Change to my new email address.
+ - Remove trailing whitespaces.
+ * debian/rules:
+ - Remove trailing whitespaces.
+ - Replace outdated dh_installsystemd with dh_systemd_start.
+ - Remove usr/share/doc/openvpn/COPYING.
+ - Replace rm -f with $(RM).
+ * debian/update-resolv-conf:
+ - Fix "preserve order of pushed parameters" (Closes: #807808).
+ Thanks to Thibaut Chèze.
+ - Add syslog message if used without binary resolvconf (Closes: #895135).
+ Thanks to Roger Price <debian@rogerprice.org>.
+ * debian/watch:
+ - Use secure URI.
+ * Remove obsolete debian/openvpn.lintian-overrides.
+ * New README.source to explain the branching model used.
+
+ -- Jörg Frings-Fürst <debian@jff.email> Mon, 30 Jul 2018 14:08:13 +0200
+
+openvpn (2.4.5-1) unstable; urgency=medium
+
+ * New upstream version 2.4.5 (Closes: #873302)
+ * Fix wrong Bug# in previous changelog
+ * Change Vcs-* to salsa (gitlab)
+
+ -- Bernhard Schmidt <berni@debian.org> Sun, 04 Mar 2018 22:23:47 +0100
openvpn (2.4.4-2) unstable; urgency=medium
- * Build against OpenSSL 1.1.0 (Closes: #828447)
+ * Build against OpenSSL 1.1.0 (Closes: #828477)
* Bump Standards-Version to 4.1.2, no changes necessary
-- Bernhard Schmidt <berni@debian.org> Mon, 11 Dec 2017 00:22:11 +0100
@@ -97,7 +151,7 @@ openvpn (2.4.3-1) unstable; urgency=high
- CVE-2017-7521
- CVE-2017-7522
* Plugin libs have been moved to /usr/lib/ARCH/openvpn/plugins
- * debian/rules:
+ * debian/rules:
- Remove obsolete options to configure script (enable-password-save,
with-plugindir (now in ENV_VARS))
- No need to install upstream's systemd unit files from debian/rules
@@ -270,7 +324,7 @@ openvpn (2.3.7-1) unstable; urgency=medium
openvpn (2.3.5-1) unstable; urgency=medium
* New upstream release. Removed patches applied upstream:
- client_connect_tmp_files.patch
+ client_connect_tmp_files.patch
better_systemd_detection.patch
* Add Build-Depends on libsystemd-daemon-dev.
@@ -519,7 +573,7 @@ openvpn (2.2.0-2) unstable; urgency=low
openvpn (2.2.0-1) experimental; urgency=low
* New upstream release (Closes: #625281)
- * Removed Depends on open(ssl|vpn)-blacklist, since
+ * Removed Depends on open(ssl|vpn)-blacklist, since
debian_openssl_vulnkeys.patch is no longer used.
Removed templates referring it too.
* Removed manpage_dash_escaping.patch, applied upstream
@@ -812,7 +866,7 @@ openvpn (2.1~rc7-2) unstable; urgency=high
* init.c: Warn of use of known vulnerable weak SSL/TLS
and shared secret keys caused by Debian openssl bug.
Patch taken from Ubuntu. CVE-2008-0166
- * debian/(templates|postinst): Add warning on vulnerable
+ * debian/(templates|postinst): Add warning on vulnerable
secrect/key files.
* debian/control: Add dependencies on openssl-blacklist and
openvpn-blacklist. Bumped dependency on libssl version.
@@ -902,7 +956,7 @@ openvpn (2.0.9-6) unstable; urgency=low
/etc/network/interfaces integration. (Closes: #413732)
* Also included joeyh's suggestion on the previous subject.
(Closes: 419797)
- * Avoid restarting a vpn instead of reloading it due to wrong
+ * Avoid restarting a vpn instead of reloading it due to wrong
detection of 'user' option in init.d script. Thanks Josip Rodin.
(Closes: 403503)
* Added Russian debconf translation. (Closes: #414088)
@@ -980,7 +1034,7 @@ openvpn (2.0.6-2) unstable; urgency=low
a fresh install or stop2upgrade=true. (Closes: #366085, #338956)
* Updated Czech debconf translation (Closes: #333989)
Thanks Miroslav Kure.
- * Bumped Standards-Version to 3.7.2.0, no change.
+ * Bumped Standards-Version to 3.7.2.0, no change.
* debian/rules: Avoid compressing 'pkitool' (Closes: #354478)
* debian/templates: Corrected typo on init scripts order change.
(Closes: #351664)
@@ -1024,9 +1078,9 @@ openvpn (2.0.2-1) unstable; urgency=low
* The [VAC] upload. Thanks Vorbis Gdynia for the free internet access :)
* New upstream release (Closes: #323594)
* Fixed use of backslash in username authentication. (Closes: #309787)
- * Fixes several DoS vulnerabilities: CAN-2005-2531 CAN-2005-2532
+ * Fixes several DoS vulnerabilities: CAN-2005-2531 CAN-2005-2532
CAN-2005-2533 CAN-2005-2534. (Closes: #324167)
- * Changed group option from 'nobody' to 'nogroup' in all the
+ * Changed group option from 'nobody' to 'nogroup' in all the
*example* files... (Closes: #317987)
* Included openvpn-plugin.h to allow building third party plugins.
(Closes: #316139)
@@ -1079,7 +1133,7 @@ openvpn (2.0-1) unstable; urgency=low
Thanks Thomas Hood for the patch.
* debian/control. Rewrote Description: field.
Now it's more useful and complete. (Closes: #304895)
- * init.d script:
+ * init.d script:
- Fixed restarting of multiple VPNs
- Fixed TAB converted to spaces.
- Remove status file on VPN stop
@@ -1122,7 +1176,7 @@ openvpn (1.99+2.rc12-1) unstable; urgency=low
openvpn (1.99+2.rc11-2) unstable; urgency=low
- * Added --enable-password-save to configure call to allow
+ * Added --enable-password-save to configure call to allow
--askpass and --auth-user-pass passwords to be read from a file.
-- Alberto Gonzalez Iniesta <agi@inittab.org> Thu, 3 Feb 2005 18:19:28 +0100
@@ -1192,7 +1246,7 @@ openvpn (1.99+2.beta17-1) unstable; urgency=low
openvpn (1.99+2.beta16-2) unstable; urgency=low
- * Patched ssl.c to fix bug in --key-method 1, that prevented
+ * Patched ssl.c to fix bug in --key-method 1, that prevented
OpenVPN 2.x from working with 1.x using that method.
Thanks James for the prompt answer & patch.
Thanks weasel for finding it out.
@@ -1242,7 +1296,7 @@ openvpn (1.99+2.beta15-1) unstable; urgency=low
and not tell the maintainer directly.
* Added Brazilian Portuguese debconf templates. (Closes: #279351)
* Modified init.d script so that specifying a daemon option in a
- VPN configuration won't make it fail.
+ VPN configuration won't make it fail.
Thanks Christoph Biedl for the patch. (Closes: #278302)
* Added scripts to allow specifying 'openvpn name' in
/etc/network/interfaces to have the tunnel created and destroyed with
@@ -1356,7 +1410,7 @@ openvpn (1.4.3-2) unstable; urgency=low
* Moved initscripts sequence number to S16 from S20. This will make
openvpn start earlier and be ready for other services. (Closes: #209225)
* Added Depends: on debconf, it's used in the maintainer's scripts now.
- * Added debconf template to ask for the creation of the TUN/TAP device
+ * Added debconf template to ask for the creation of the TUN/TAP device
node. (Closes: #211198)
-- Alberto Gonzalez Iniesta <agi@agi.as> Thu, 2 Oct 2003 21:39:46 +0200
@@ -1364,7 +1418,7 @@ openvpn (1.4.3-2) unstable; urgency=low
openvpn (1.4.3-1) unstable; urgency=low
* New upstream release
- * Bumped Standards-Version to 3.6.1.0, no change.
+ * Bumped Standards-Version to 3.6.1.0, no change.
* Patched init.d script to support single vpn stop/start/restart.
Thanks to Richard Mueller and Norbert Tretkowski (Closes: #204100)
@@ -1395,7 +1449,7 @@ openvpn (1.4.0-2) unstable; urgency=low
openvpn (1.4.0-1) unstable; urgency=low
* New upstream release (Closes: #179551)
- * Re-enabled liblzo support. LZO's author made an exception in LZO's
+ * Re-enabled liblzo support. LZO's author made an exception in LZO's
license that permits OpenVPN to use LZO and OpenSSL. See copyright
file.
@@ -1410,9 +1464,9 @@ openvpn (1.3.2-3) unstable; urgency=low
openvpn (1.3.2-2) unstable; urgency=low
- * Disabled liblzo1 support to fix license issues with Openssl.
+ * Disabled liblzo1 support to fix license issues with Openssl.
(Closes: #177497)
- * Bumped Standards-Version to 3.5.8, no change.
+ * Bumped Standards-Version to 3.5.8, no change.
-- Alberto Gonzalez Iniesta <agi@agi.as> Mon, 20 Jan 2003 16:09:16 +0100
@@ -1453,4 +1507,3 @@ openvpn (1.2.0-1) unstable; urgency=low
* Initial Release. (Closes: #140463)
-- Alberto Gonzalez Iniesta <agi@agi.as> Thu, 23 May 2002 11:00:37 +0200
-