Bug#1037056: bookworm-pu: package libreswan/4.10-2+deb12u1

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

On Fri, 2023-06-02 at 18:54 -0400, Daniel Kahn Gillmor wrote:
> Uploading libreswan 4.19-1+deb12u1 should address #1035542 (aka
> CVE-2023-30570), which addresses a potential DoS against libreswan
> instances that use a certain IKEv1 configuration.
> 
> Discussion with Salvatore Bonaccorso over in #1035542 concluded that
> using point releases for this should be sufficient.
> 

fwiw, because you already uploaded this, it hit testing-proposed-
updates, where it got autobuilt without any review from the Release
Team (as the approval boundary there is tpu -> testing, rather than
stable-new -> pu).

Hopefully that shouldn't make any practical difference, I'm just
mentioning it in case it was unexpected. (It will also need a bit of
handholding to get our tooling to recognise it properly once the
release has happened, but it's not the only package in that situation.)

Regards,

Adam