Description of problem: Not sure if this goes under security or rpm packages, but anyway..... The current version of openswan (2.6.39) fixes a CVE (CVE-2013-2053) as well as improved support for android and cisco devices. The version in Mageia is version 2.6.28. Version-Release number of selected component (if applicable): 2.6.28 How reproducible: Just look at the repo. Steps to Reproduce: 1.urpmi openswan 2.Look up the current version. 3.Feel horified that a security package is severly out of date. 4.??? 5.Profit. :P Sidenote: ipsec-tools is not required by openswan. It handles the entire ipsec connection. (Look at fedora's rpm if you don't believe me.) Reproducible: Steps to Reproduce:
Keywords: (none) => TriagedCC: (none) => ennael1, luigiwalserQA Contact: (none) => security
All known vulnerabilities in openswan have been fixed in our package. The first set was fixed in Bug 7095 last year. CVE-2013-2053 was fixed in Bug 10126 in May of this year. The package has not been updated to a newer version because there is no maintainer. Feel free to volunteer :o)
QA Contact: security => (none)
Well, actually I do have an updated spec for openswan. (It's based on Mageia's current one.) I would not be against maintaining it. I did add myself to the Packaging apprentice candidates list on the wiki.
Thanks Patrick, that's really great to hear! Feel free to join us in the #mageia-mentoring IRC channel anytime, that will help get you going as well. In the meantime, you can also feel free to post any updated specs or patches to this bug, and I'll review them when I get a chance, or if someone else is interested and beats me to it, maybe someone else will. Welcome aboard.
Created attachment 4232 [details] Updated spec file
Created attachment 4233 [details] Altered patch 1 This just removes an older diff from the patch and renames it to conform to the packaging guidelines. (File was fixed upstream.)
Comment on attachment 4232 [details] Updated spec file EDIT: Fix mime type.
Attachment 4232 mime type: application/octet-stream => text/plain
Comment on attachment 4233 [details] Altered patch 1 EDIT: Fix mime type.
Attachment 4233 mime type: application/octet-stream => text/plain
Patrick, Your changes are committed, built, and uploaded! http://svnweb.mageia.org/packages?view=revision&revision=462940 http://pkgsubmit.mageia.org/ Thanks! Everything looked good. While waiting for a mentor, feel free to file bugs with any other updates you have, and also to visit #mageia-mentoring on Freenode IRC. Marking FIXED as of openswan-2.6.39-1.mga4.
Status: NEW => RESOLVEDResolution: (none) => FIXED