Jul 9 2018
IKEv2 is not good in Strong Swan 4.5 at all. There is incompatibility with some other clients.
May 27 2018
@dmbaturin can i mark this as wontfix for 1.1.x?
May 8 2018
Oct 22 2017
Oct 3 2017
@UnicronNL The debian repo for helium is here: http://dev.packages.vyos.net/legacy/repos/debian/helium/
Aug 21 2017
Aug 20 2017
Aug 19 2017
I installed squeeze, think @dmbaturin will add it to CI once it ready
@syncer I guess we need Squeeze host for building packages. But if we use pbuilder, we can build packages on Jessie.
Example script is here: https://gist.github.com/higebu/139c786fab3c88113d54eef16b462655
agree on CVE-2015-4171
Packages for testing:
Jenkins job is broken. https://ci.vyos.net/job/vyatta-strongswan/
I applied the patch for CVE-2015-8023 to helium branch. https://github.com/vyos/vyatta-strongswan/commit/1f431fed4988a5e7f20a3f8ab464fed85c5f7e1c
The CVSS score of CVE-2015-4171 is low, and it needs a valid certificate for attack. Can we ignore CVE-2015-4171?
1.1.7 has 4.5.2-1.1-bpo60+vyos1+helium4. We should apply 2 patches, CVE-2015-4171 and CVE-2015-8023 to vyatta-strongswan.