iperf3 (3.9-1+deb11u3) bullseye-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2025-54349
  * Fix CVE-2025-54350

 -- Roberto Lumbreras <rover@debian.org>  Mon, 04 Aug 2025 22:31:23 +0200

iperf3 (3.9-1+deb11u2) bullseye-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2023-7250:
    A flaw was found in iperf, a utility for testing network performance using
    TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than
    the expected amount of data to the iperf server, which can cause the server
    to hang indefinitely waiting for the remainder or until the connection gets
    closed. This will prevent other connections to the server, leading to a
    denial of service.
  * Fix CVE-2024-26306:
    iPerf3, when used with OpenSSL before 3.2.0 as a server with RSA
    authentication, allows a timing side channel in RSA decryption operations.
    This side channel could be sufficient for an attacker to recover credential
    plaintext. It requires the attacker to send a large number of messages for
    decryption, as described in "Everlasting ROBOT: the Marvin Attack" by
    Hubert Kario.
  * Fix CVE-2024-53580:
    iperf3 was discovered to contain a segmentation violation via the
    iperf_exchange_parameters() function.

 -- Markus Koschany <apo@debian.org>  Tue, 28 Jan 2025 12:48:54 +0100

iperf3 (3.9-1+deb11u1) bullseye-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix memory allocation hazard and crash (Closes: #1040830)

 -- Aron Xu <aron@debian.org>  Mon, 17 Jul 2023 16:49:40 +0800

iperf3 (3.9-1) unstable; urgency=medium

  * New upstream version.
  * Updated standards.

 -- Roberto Lumbreras <rover@debian.org>  Tue, 06 Oct 2020 22:22:00 +0200

iperf3 (3.7-3) unstable; urgency=medium

  * Fix missing symbols on kfreebsd and hurd.
  * Fix minor issues: watch file, not-installed files.

 -- Roberto Lumbreras <rover@debian.org>  Tue, 14 Jan 2020 20:06:25 +0100

iperf3 (3.7-2) unstable; urgency=medium

  * Fix sctp patch (Closes: #948798).

 -- Roberto Lumbreras <rover@debian.org>  Tue, 14 Jan 2020 08:54:12 +0100

iperf3 (3.7-1) unstable; urgency=low

  * New upstream version.
  * Updated standards. Use github in watch file.
  * Workaround to compile on kfreebsd (sctp in the kernel but no libsctp-dev)

 -- Roberto Lumbreras <rover@debian.org>  Sun, 12 Jan 2020 21:59:12 +0100

iperf3 (3.6-2) unstable; urgency=low

  * Fix Build-Depends for non-Linux architectures.

 -- Roberto Lumbreras <rover@debian.org>  Fri, 27 Jul 2018 07:08:04 +0200

iperf3 (3.6-1) unstable; urgency=low

  * Enabled SCTP support (Closes: #858944).
  * Enabled OpenSSL support.
  * New maintainer.
  * New upstream version. (Closes: #840545).
  * Updated standards.

 -- Roberto Lumbreras <rover@debian.org>  Thu, 26 Jul 2018 16:43:49 +0200

iperf3 (3.1.3-1) unstable; urgency=medium

  * new upstream version which fixes CVE-2016-4303 (Closes: #827116)
  * enabled hardening flags
  * bumped standards version to 3.9.8

 -- Raoul Gunnar Borenius <borenius@dfn.de>  Wed, 22 Jun 2016 17:01:13 +0200

iperf3 (3.1.2-1) unstable; urgency=medium

  * new upstream version (Closes: #808820)

 -- Raoul Gunnar Borenius <borenius@dfn.de>  Fri, 19 Feb 2016 09:28:49 +0100

iperf3 (3.0.11-1) unstable; urgency=medium

  * new upstream version
  * added multiarch support
  * bumped standards version to 3.9.6

 -- Raoul Gunnar Borenius <borenius@dfn.de>  Mon, 20 Jul 2015 08:08:59 +0200

iperf3 (3.0.7-1) unstable; urgency=medium

  * new upstream version
  * tarball repackaging not necessary anymore

 -- Raoul Gunnar Borenius <borenius@dfn.de>  Thu, 11 Sep 2014 11:57:57 +0200

iperf3 (3.0.5+dfsg1-1) unstable; urgency=low

  * Initial release (Closes: #739921)
  * Repackage tarball to delete bootstrap.sh file with restrictive copyright.

 -- Raoul Gunnar Borenius <borenius@dfn.de>  Sat, 21 Jun 2014 15:57:27 +0200
