libreswan-5: update to 5.0rc3

[Andrew Cagney <andrew.cagney%gmail.com@localhost>]

Module Name:	pkgsrc-wip
Committed By:	Andrew Cagney <andrew.cagney%gmail.com@localhost>
Pushed By:	cagney
Date:		Wed Apr 17 16:49:20 2024 +0000
Changeset:	d1f21c53fcee3a53babfa3d26b8a7852b9f81b96

Modified Files:
	libreswan-5/Makefile
	libreswan-5/TODO
	libreswan-5/distinfo

Log Message:
libreswan-5: update to 5.0rc3

fix CVE-2024-3652
don't link in libxz via systemd

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=d1f21c53fcee3a53babfa3d26b8a7852b9f81b96

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 libreswan-5/Makefile |  9 ++-------
 libreswan-5/TODO     | 26 +++++++++++++++++++++-----
 libreswan-5/distinfo |  6 +++---
 3 files changed, 26 insertions(+), 15 deletions(-)

diffs:
diff --git a/libreswan-5/Makefile b/libreswan-5/Makefile
index 079cbb251e..353cecffa2 100644
--- a/libreswan-5/Makefile
+++ b/libreswan-5/Makefile
@@ -15,13 +15,8 @@
 #
 # libreswan: 5.0 5.0nb1 ...
 
-
-#DISTNAME=      libreswan-5.0pre0.20231114
-DISTNAME=	libreswan-5.0rc2
-GITHUB_PROJECT=	libreswan
-GITHUB_TAG=	v5.0rc2
-MASTER_SITES=	${MASTER_SITE_GITHUB:=${GITHUB_PROJECT}/}
-DIST_SUBDIR=	${GITHUB_PROJECT}
+DISTNAME=	libreswan-5.0rc3
+MASTER_SITES=   https://download.libreswan.org/development/
 
 CATEGORIES=	security
 MAINTAINER=	pkgsrc-users%NetBSD.org@localhost
diff --git a/libreswan-5/TODO b/libreswan-5/TODO
index 8b8d76a7bc..794263ac5a 100644
--- a/libreswan-5/TODO
+++ b/libreswan-5/TODO
@@ -2,11 +2,27 @@
 
   PFKEYV2 and XFRM are pretty esoteric.
 
-- /etc/ipsec*
+  Libreswan builds on Fedora, Debian, Apline (they each
+  have their own packaing quirks), FreeBSD, NetBSD, OpenBSD
 
-  ipsec.conf, ipsec.secrets and ipsec.d/*
+  not sure about this package
 
-- logrotate https://github.com/libreswan/libreswan/issues/767
+- add following entries to pkg-vulnerabilities
 
-  It's a weak dependency / suggested package.  If libreswan is
-  using syslog, say, it isn't needed.
+libreswan<5.0rc3	denial-of-service	https://libreswan.org/security/CVE-2024-3652/CVE-2024-3652.txt
+libreswan<5.0rc2	denial-of-service	https://libreswan.org/security/CVE-2024-2357/CVE-2024-2357.txt
+
+libreswan<4.15		denial-of-service	https://libreswan.org/security/CVE-2024-3652/CVE-2024-3652.txt
+libreswan<4.13nb1	denial-of-service	https://libreswan.org/security/CVE-2024-2357/CVE-2024-2357.txt
+libreswan<4.12nb1	denial-of-service	https://libreswan.org/security/CVE-2023-38712/CVE-2023-38712.txt
+libreswan<4.12nb1	denial-of-service	https://libreswan.org/security/CVE-2023-38711/CVE-2023-38711.txt
+libreswan<4.12nb1	denial-of-service	https://libreswan.org/security/CVE-2023-38710/CVE-2023-38710.txt
+libreswan<4.9nb3	denial-of-service	https://libreswan.org/security/CVE-2023-30570/CVE-2023-30570.txt
+libreswan<4.9nb2	denial-of-service	https://libreswan.org/security/CVE-2023-23009/CVE-2023-23009.txt
+libreswan<4.6		denial-of-service	https://libreswan.org/security/CVE-2022-23094/CVE-2022-23094.txt
+
+Notes:
+
+4.7		earliest pkgsrc version, 4.6 is just a baseline
+CVE-2023-2295	was a bug in Red Hat's Libreswan package, not Libreswan
+4.9nb2 4.9nb3	were cut from libreswan's mainline
diff --git a/libreswan-5/distinfo b/libreswan-5/distinfo
index cbcbbaa4b4..5323fb50b5 100644
--- a/libreswan-5/distinfo
+++ b/libreswan-5/distinfo
@@ -1,5 +1,5 @@
 $NetBSD$
 
-BLAKE2s (libreswan/libreswan-5.0rc2.tar.gz) = e969849745eff82c463d10875e723ae891e6b4a5f2c2da84640783e1e5a83486
-SHA512 (libreswan/libreswan-5.0rc2.tar.gz) = a7f47b820d6aacf46eb3ab80f3436af3580b07e3cce23624329b9c3771bd4a0f75a7cc9c1b25b438a024c2feb1b473595ee6ddbc6773a2d1788639f055e1a15d
-Size (libreswan/libreswan-5.0rc2.tar.gz) = 3951446 bytes
+BLAKE2s (libreswan-5.0rc3.tar.gz) = 0cf5453bf7c5ba74f3aeb3428db8cf3f797b9892f60dbf62b3a0820eacdbcc59
+SHA512 (libreswan-5.0rc3.tar.gz) = d6fb36b182d86550f7782d388350056e6258b0adf53d062d0e65eb2a57eb9711c2782e3fe8a14ce2019c9c9c8514461a8459916f009dcfb7701102778deecb97
+Size (libreswan-5.0rc3.tar.gz) = 3958177 bytes