[BSA-116] Security Update for openvpn
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Bernhard Schmidt uploaded new packages for openvpn which fixed the
following security problems:
CVE-2017-7479
It was discovered that openvpn did not properly handle the
rollover of packet identifiers. This would allow an authenticated
remote attacker to cause a denial-of-service via application
crash.
CVE-2017-7508
Guido Vranken discovered that openvpn did not properly handle
specific malformed IPv6 packets. This would allow a remote
attacker to cause a denial-of-service via application crash.
CVE-2017-7520
Guido Vranken discovered that openvpn did not properly handle
clients connecting to an HTTP proxy with NTLMv2
authentication. This would allow a remote attacker to cause a
denial-of-service via application crash, or potentially leak
sensitive information like the user's proxy password.
CVE-2017-7521
Guido Vranken discovered that openvpn did not properly handle
some x509 extensions. This would allow a remote attacker to cause
a denial-of-service via application crash.
For the jessie-backports distribution the problems have been fixed in
version 2.4.0-6+deb9u1~bpo8+1.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEELHLzKO0XByBPs0mU3ugEPuF+uzAFAllckvwACgkQ3ugEPuF+
uzAwhw//ShIMl/S6UaVFHmeRV0nY2PMo3Q9l+9jq/3oMxiUZckZI8AwcoBrjy+h4
T6T6H5wWfGLOKh4Wfu6cVTV57Jhx2sZ4JiFY+xhnkXvniVb3McD6HQ1VtxvyjUQf
DjsuRHjpaywZSSF4KVQeW8YjX4uR1Qqi5yNXKs4WljaSQvuWhNKeo9mv3YO/Z2sk
76yH0pwyltkpXsYqRbPUek6sICkL4bdq47km4kxKNQI2/+Vkmst/va+OIXgI5ElK
JLUvYBqmZAPLmIETuWQLtLD+vQTL/WfU/b2tmL/qIljvxKt3UiFtfPBgGRmvleWQ
KGBclI1F6w2LzNJjJbvCfh56xBtpDgeVKIgOwqb5yDTFoI78Hw3SrKX9pS8G0/bJ
9f8voLVHfCvu71/1/qMgnAQIuShgA6zC6N2m08tIZSHCD/iXNQwUrE+BTtI5Sffv
e/1nVdL4k1437rXrbNYqFbeB+l+iukE4Fl3CoM2r5Qkn/eziraus5XggieL9PWOi
GvlbsfXjB69F8YOVqM5edwsUeJYxJXxe9yVTGhQmZA4Y7KOJxiHjzz7bxdFR4302
JfYS/6l28MZq2Ks8XT0OAd1HA51r2N/elGapnnVJNxQbqw1O7g28GJgTmiNoLxM8
BPkex29V+g/n3JsSEyGxepv45AbhoC6SaLIgF4BqpsEdYIKS1uw=
=ss7y
-----END PGP SIGNATURE-----
Reply to: