diff --git a/.gitignore b/.gitignore index e3f7673..2519948 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ /strongswan-5.9.1.tar.bz2 /strongswan-5.9.2.tar.bz2 /strongswan-5.9.3.tar.bz2 +/strongswan-5.9.4.tar.bz2 diff --git a/sources b/sources index 4b80a7e..6b105b6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (strongswan-5.9.3.tar.bz2) = 09bd78225415422c8f55c9f0dea2ca70111f42f0deacfaaac30c422109ff64180f6a6a47c6bc54238e8403f0b2f8520122c1eabbeda3f915427fadb838a5df51 +SHA512 (strongswan-5.9.4.tar.bz2) = 796356c1d5c1ad410f0ed944ab4a131076d26f120ec6fa57796fe4060b0741201199625883ddc9ebd8a7ad299495f073cec76a6780ebd8f375605aae16750cf3 diff --git a/strongswan.spec b/strongswan.spec index 8586ce6..70015d9 100644 --- a/strongswan.spec +++ b/strongswan.spec @@ -2,8 +2,8 @@ #%%define prerelease dr1 Name: strongswan -Version: 5.9.3 -Release: 4%{?dist} +Version: 5.9.4 +Release: 1%{?dist} Summary: An OpenSource IPsec-based VPN and TNC solution License: GPLv2+ URL: http://www.strongswan.org/ @@ -33,6 +33,8 @@ BuildRequires: libgcrypt-devel BuildRequires: systemd-devel BuildRequires: iptables-devel BuildRequires: libcap-devel +BuildRequires: tpm2-tss-devel +Recommends: tpm2-tools BuildRequires: NetworkManager-libnm-devel Requires(post): systemd @@ -276,6 +278,12 @@ install -D -m 0644 %{SOURCE1} %{buildroot}/%{_tmpfilesdir}/strongswan.conf %{_libexecdir}/strongswan/charon-nm %changelog +* Wed Oct 20 2021 Paul Wouters - 5.9.4-1 +- Resolves: rhbz#2015165 strongswan-5.9.4 is available +- Resolves: rhbz#2015611 CVE-2021-41990 strongswan: gmp plugin: integer overflow via a crafted certificate with an RSASSA-PSS signature +- Resolves: rhbz#2015614 CVE-2021-41991 strongswan: integer overflow when replacing certificates in cache +- Add BuildRequire for tpm2-tss-devel and weak dependency for tpm2-tools + * Tue Sep 14 2021 Sahana Prasad - 5.9.3-4 - Rebuilt with OpenSSL 3.0.0