projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5ffdf33) | patch
openvpn: update to 2.6.8
authorIvan Pavlov <[email protected]>
Mon, 13 Nov 2023 09:26:27 +0000 (12:26 +0300)
committerRosen Penev <[email protected]>
Sun, 19 Nov 2023 20:24:11 +0000 (12:24 -0800)
commitf52f4370700afeba5a7b085ab6a6693745c89eba
tree548080618a4a8049de5dfac8a3789de88fec1caftree | snapshot
parent5ffdf3392fed0d4ddd83549971171c5412346d95commit | diff
openvpn: update to 2.6.8

This is a bugfix release containing security fixes.

Security Fixes (included in 2.6.7):

CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use a send buffer
after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer.
All configurations using TLS (e.g. not using --secret) are affected by this issue.

CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore --fragment configuration
in some circumstances, leading to a division by zero when --fragment is used.
On platforms where division by zero is fatal, this will cause an OpenVPN crash.

For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.8/Changes.rst

Signed-off-by: Ivan Pavlov <[email protected]>
net/openvpn/Makefile diff | blob | history
net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch diff | blob | history
net/openvpn/patches/101-Fix-EVP_PKEY_CTX_-compilation-with-wolfSSL.patch diff | blob | history
net/openvpn/patches/102-Disable-external-ec-key-support-when-building-with-wolfSSL.patch diff | blob | history
net/openvpn/patches/103-define-LN_serialNumber-for-wolfSSL.patch diff | blob | history
Mirror of packages feed