vyatta-strongswanProject
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Details

Description

Vyatta Strongswan

Recent Activity

Oct 22 2017

syncer moved T354: Outstanding CVEs - StrongSwan from In Progress to Finished on the VyOS 1.1.x (1.1.8) board.
Oct 22 2017, 8:15 PM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
UnicronNL closed T354: Outstanding CVEs - StrongSwan as Resolved.
Oct 22 2017, 8:14 PM · vyatta-strongswan, VyOS 1.1.x (1.1.8)

Oct 3 2017

dmbaturin added a comment to T354: Outstanding CVEs - StrongSwan.

@UnicronNL The debian repo for helium is here: http://dev.packages.vyos.net/legacy/repos/debian/helium/

Oct 3 2017, 7:39 PM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
UnicronNL added a comment to T354: Outstanding CVEs - StrongSwan.

@higebu @syncer squeeze is added to ci, only there is no repo to upload.

Oct 3 2017, 6:54 PM · vyatta-strongswan, VyOS 1.1.x (1.1.8)

Aug 21 2017

higebu claimed T354: Outstanding CVEs - StrongSwan.
Aug 21 2017, 1:15 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
higebu moved T354: Outstanding CVEs - StrongSwan from Backlog to In Progress on the VyOS 1.1.x (1.1.8) board.
Aug 21 2017, 1:14 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
syncer moved T354: Outstanding CVEs - StrongSwan from Needs Triage to Backlog on the VyOS 1.1.x (1.1.8) board.
Aug 21 2017, 12:06 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)

Aug 20 2017

higebu changed the status of T354: Outstanding CVEs - StrongSwan from Open to In progress.
Aug 20 2017, 3:23 PM · vyatta-strongswan, VyOS 1.1.x (1.1.8)

Aug 19 2017

higebu added a comment to T354: Outstanding CVEs - StrongSwan.

Good!

Aug 19 2017, 3:42 PM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
syncer added a comment to T354: Outstanding CVEs - StrongSwan.

I installed squeeze, think @dmbaturin will add it to CI once it ready

Aug 19 2017, 3:30 PM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
higebu added a comment to T354: Outstanding CVEs - StrongSwan.

@syncer I guess we need Squeeze host for building packages. But if we use pbuilder, we can build packages on Jessie.
Example script is here: https://gist.github.com/higebu/139c786fab3c88113d54eef16b462655

Aug 19 2017, 3:24 PM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
syncer updated subscribers of T354: Outstanding CVEs - StrongSwan.

Hey @higebu!
agree on CVE-2015-4171

Aug 19 2017, 11:09 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
higebu added a comment to T354: Outstanding CVEs - StrongSwan.

Packages for testing:

Aug 19 2017, 5:26 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
higebu added a comment to T354: Outstanding CVEs - StrongSwan.

Jenkins job is broken. https://ci.vyos.net/job/vyatta-strongswan/

Aug 19 2017, 5:06 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
higebu added a comment to T354: Outstanding CVEs - StrongSwan.

I applied the patch for CVE-2015-8023 to helium branch. https://github.com/vyos/vyatta-strongswan/commit/1f431fed4988a5e7f20a3f8ab464fed85c5f7e1c

Aug 19 2017, 5:03 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
higebu added a comment to T354: Outstanding CVEs - StrongSwan.

The CVSS score of CVE-2015-4171 is low, and it needs a valid certificate for attack. Can we ignore CVE-2015-4171?

Aug 19 2017, 4:31 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
higebu added a comment to T354: Outstanding CVEs - StrongSwan.

1.1.7 has 4.5.2-1.1-bpo60+vyos1+helium4. We should apply 2 patches, CVE-2015-4171 and CVE-2015-8023 to vyatta-strongswan.

Aug 19 2017, 3:59 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
syncer triaged T354: Outstanding CVEs - StrongSwan as High priority.
Aug 19 2017, 2:40 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)
syncer added a project to T354: Outstanding CVEs - StrongSwan: vyatta-strongswan.
Aug 19 2017, 2:35 AM · vyatta-strongswan, VyOS 1.1.x (1.1.8)

Jul 24 2017

syncer created vyatta-strongswan.
Jul 24 2017, 9:02 PM