strongswan-starter_4.5.2-1.5+deb7u8_i386.deb


Advertisement

Description

strongswan-starter - strongSwan daemon starter and configuration file parser

Property Value
Distribution Debian 7 (Wheezy)
Repository Debian Main i386
Package name strongswan-starter
Package version 4.5.2
Package release 1.5+deb7u8
Package architecture i386
Package type deb
Installed size 688 B
Download size 303.25 KB
Official Mirror ftp.br.debian.org
StrongSwan is an IPsec-based VPN solution for the Linux kernel. It uses the
native IPsec stack and runs on any recent 2.6 kernel (no patching required).
It supports both IKEv1 and the newer IKEv2 protocols.
The starter and the associated "ipsec" script control both pluto and charon
from the command line. It parses ipsec.conf and loads the configurations to
the daemons. While the IKEv2 daemon can use other configuration backends, the
IKEv1 daemon is limited to configurations from ipsec.conf.

Alternatives

Package Version Architecture Repository
strongswan-starter_5.2.1-6+deb8u2~bpo70+1_i386.deb 5.2.1 i386 Debian Backports Main
strongswan-starter_5.2.1-6+deb8u2~bpo70+1_amd64.deb 5.2.1 amd64 Debian Backports Main
strongswan-starter_4.5.2-1.5+deb7u8_amd64.deb 4.5.2 amd64 Debian Main
strongswan-starter_4.5.2-1.5+deb7u10_amd64.deb 4.5.2 amd64 Debian Security Updates Main
strongswan-starter_4.5.2-1.5+deb7u10_i386.deb 4.5.2 i386 Debian Security Updates Main
strongswan-starter - - -

Requires

Name Value
debconf >= 0.5
debconf-2.0 -
libc6 >= 2.8
libstrongswan = 4.5.2-1.5+deb7u8
strongswan-ikev1 -
strongswan-ikev2 -

Conflicts

Name Value
strongswan << 4.2.12-1

Download

Type URL
Binary Package strongswan-starter_4.5.2-1.5+deb7u8_i386.deb
Source Package strongswan

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install strongswan-starter deb package:
    # sudo apt-get install strongswan-starter

Files

Path
/etc/ipsec.conf
/etc/ipsec.secrets
/etc/init.d/ipsec
/usr/lib/ipsec/_copyright
/usr/lib/ipsec/_updown
/usr/lib/ipsec/_updown_espmark
/usr/lib/ipsec/openac
/usr/lib/ipsec/pki
/usr/lib/ipsec/pool
/usr/lib/ipsec/scepclient
/usr/lib/ipsec/starter
/usr/lib/ipsec/stroke
/usr/lib/ipsec/plugins/libstrongswan-stroke.so
/usr/lib/ipsec/plugins/libstrongswan-updown.so
/usr/sbin/ipsec
/usr/share/doc/strongswan-starter/NEWS.Debian.gz
/usr/share/doc/strongswan-starter/changelog.Debian.gz
/usr/share/doc/strongswan-starter/changelog.gz
/usr/share/doc/strongswan-starter/copyright
/usr/share/lintian/overrides/strongswan-starter
/usr/share/man/man5/ipsec.conf.5.gz
/usr/share/man/man5/ipsec.secrets.5.gz
/usr/share/man/man5/strongswan.conf.5.gz
/usr/share/man/man8/_updown.8.gz
/usr/share/man/man8/_updown_espmark.8.gz
/usr/share/man/man8/ipsec.8.gz
/usr/share/man/man8/openac.8.gz
/usr/share/man/man8/scepclient.8.gz

Changelog

2015-11-16 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.5+deb7u8) wheezy-security; urgency=medium
* debian/patches:
- CVE-2015-8023_eap_mschapv2_state added, fix authentication bypass when
using EAP MSCHAPv2.
2015-06-07 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.5+deb7u7) wheezy-security; urgency=high
* debian/patches:
- CVE-2015-4171_enforce_remote_auth added, fix potential leak of
authentication credential to rogue server when using PSK or EAP. This is
CVE-2015-4171.
2014-12-28 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.5+deb7u6) wheezy-security; urgency=high
* debian/patches:
- CVE-2014-9221_dh_group added, fix regression with
CVE-2014-9221_modp_custom breaking TLS authentication.
2014-12-16 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.5+deb7u5) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* debian/patches:
- debian/patches/CVE-2014-9221_modp_custom added, fix unauthenticated
denial of service in IKEv2 when using custom MODP value.
2014-05-03 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.5+deb7u4) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* debian/patches:
- CVE-2014-2891 added, fix potential null pointer dereference when parsing
ASN.1 data, leading to denial of service (CVE-2014-2891).
2014-04-03 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.5+deb7u3) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* debian/patches:
- CVE-2014-2338-4.x added, fix authentication bypass (CVE-2014-2338).
2013-10-29 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.5+deb7u2) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* debian/patches
- CVE-2013-6075 added, fix remote denial of service and authorization
bypass.
2013-04-29 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.5+deb7u1) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* debian/patches:
- 0001-Check-return-value-of-ECDSA_Verify-correctly added. Fix ECDSA
signature verification when using openssl plugin (CVE-2013-2944).
2012-06-15 - gregor herrmann <gregoa@debian.org>
strongswan (4.5.2-1.5) unstable; urgency=low
* Non-maintainer upload.
* Fix "package must not include /var/lock/subsys":
don't ship /var/lock/subsys but create it in the init script.
(Closes: #667764)
2012-05-24 - Yves-Alexis Perez <corsac@debian.org>
strongswan (4.5.2-1.4) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* debian/patches:
- 0001-Fix-boolean-return-value-if-an-empty-RSA-signature-i added,
backported from upstream. Fix CVE-2012-2388 (when using gmp plugin,
zero length RSA signatures are considered valid).
- 0001-Added-support-for-the-resolvconf-framework-in-resolv added,
correctly handle resolvconf-managed /etc/resolv.conf.     closes: #664873

See Also

Package Description
strongswan_4.5.2-1.5+deb7u8_all.deb IPsec VPN solution metapackage
structure-synth_1.5.0-1.1_i386.deb application for creating 3D structures
stterm_0.0~20120124+hg226-2_i386.deb bare bones and simple terminal for windowed system
stud_0.3-3_i386.deb scalable TLS unwrapping daemon
stumpwm_20110819.gitca08e08-2_all.deb tiling, keyboard driven Common Lisp window manager
stun_0.96.dfsg-6_i386.deb Server daemon and test client for STUN
stunnel4_4.53-1.1_i386.deb Universal SSL tunnel for network daemons
stx-btree-demo_0.8.6-1_i386.deb b+tree implementation in c++, demo program
stx-btree-dev_0.8.6-1_all.deb b+tree implementation in c++
stx-btree-doc_0.8.6-1_all.deb b+tree implementation in c++, doxygen documentation
stx2any_1.56-2_all.deb Converter from structured plain text to other formats
stymulator_0.21a~dfsg-1_i386.deb Curses based player and converter for the YM chiptune format
styx-dev_1.8.0-1.1_i386.deb combined parser/scanner generator development files
styx-doc_1.8.0-1.1_all.deb combined parser/scanner generator documentation
styx_1.8.0-1.1_i386.deb combined parser/scanner generator for C/C++
Advertisement
Advertisement