Accepted openvpn 2.4.0-6~bpo8+1 (source amd64) into jessie-backports->backports-policy, jessie-backports

To: debian-backports-changes@lists.debian.org
Subject: Accepted openvpn 2.4.0-6~bpo8+1 (source amd64) into jessie-backports->backports-policy, jessie-backports
From: Alberto Gonzalez Iniesta <agi@inittab.org>
Date: Tue, 06 Jun 2017 09:48:58 +0000
Message-id: <[🔎] E1dIB6g-0002bZ-Td@fasolo.debian.org>
Mail-followup-to: debian-backports@lists.debian.org
Reply-to: debian-backports@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 30 May 2017 13:02:07 +0200
Source: openvpn
Binary: openvpn
Architecture: source amd64
Version: 2.4.0-6~bpo8+1
Distribution: jessie-backports
Urgency: high
Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org>
Changed-By: Alberto Gonzalez Iniesta <agi@inittab.org>
Description:
 openvpn    - virtual private network daemon
Closes: 849909 852381
Changes:
 openvpn (2.4.0-6~bpo8+1) jessie-backports; urgency=medium
 .
   * Backport to jessie
 .
 openvpn (2.4.0-6) unstable; urgency=medium
 .
   * Apply upstream patch to fix shrinking MTU sizes on reconnects causing not
     usable VPN tunnels.
 .
 openvpn (2.4.0-5) unstable; urgency=high
 .
   * Change typo fix in command line help.
   * SECURITY UPDATE: pre-authentication denial-of-service vulnerability
     (both client and server) from a too-large control packet.
     - debian/patches/CVE-2017-7478.patch: Do not assert on too-large
       control packet
     - CVE-2017-7478
   * SECURITY UPDATE: authenticated remote DoS vulnerability due to
     packet ID rollover
     - debian/patches/CVE-2017-7479-prereq.patch: merge
       packet_id_alloc_outgoing() into packet_id_write()
     - debian/patches/CVE-2017-7479.patch: do not assert when packet ID
       rollover occurs
     - CVE-2017-7479
   * SECURITY UPDATE: auth tokens left in memory after de-auth
     - debian/patches/wipe_tokens_on_de-auth.patch: always wipe token
       as soon as a TLS session is considered broken.
    * Kudos to Steve Beattie <sbeattie@ubuntu.com> for doing all the
      backporting work for this upload.
 .
 openvpn (2.4.0-4) unstable; urgency=medium
 .
   * Add NEWS entries on possible 2.4 migration issues.
     (Closes: #852381, #849909)
Checksums-Sha1:
 1e28dd1c9ea113bef9bc7d2074a6edc5fc2bc631 2117 openvpn_2.4.0-6~bpo8+1.dsc
 25a2aaec0ae68dbe799077f363ffd8407f83314f 57836 openvpn_2.4.0-6~bpo8+1.debian.tar.xz
 94735179bbf257647ae6aa424d35726f0b2f5590 577102 openvpn_2.4.0-6~bpo8+1_amd64.deb
Checksums-Sha256:
 02636603eb876f9c8d8ab2f73ad5962c03e18a9d1b7af570cc15e8c91b3c7823 2117 openvpn_2.4.0-6~bpo8+1.dsc
 d6e2b7b1855173e6f47c1101131b4bd22465e314d902779097538228da1b7a11 57836 openvpn_2.4.0-6~bpo8+1.debian.tar.xz
 9e9239a2d5015fce251d74519308175552b13859ece3945e9660c5cc02bd8872 577102 openvpn_2.4.0-6~bpo8+1_amd64.deb
Files:
 525f604b6efa332c81b8e51d1df9a781 2117 net optional openvpn_2.4.0-6~bpo8+1.dsc
 cab73c230157472ebee08d8333daf363 57836 net optional openvpn_2.4.0-6~bpo8+1.debian.tar.xz
 8436e4777f54fac446958df7724aa8ff 577102 net optional openvpn_2.4.0-6~bpo8+1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEU0fL2D4wqetNfUvyAJszdWuaqlUFAlkv1kkQHGFnaUBpbml0
dGFiLm9yZwAKCRAAmzN1a5qqVVMBD/9YOat3+HIhTGswI2/FSKky9uewGUSGq/nF
hAbtdBjOv83veD/o9Fw8TVdV2fYrUNtM2K2Arb8hjJ6CeRXvyIdBeMuTBHQ06O1o
nGP+4HvMDJ2mcxyZtoH2zrWMwrn3acW5aPtBUrKOhBOCLnAQujaJ1SFtr00DiysF
QSOTfAnFcsgD1jjgii/+mRcsmQQP73F3pNQu/JpbO0xoDawSba+8XcUa5VOnmDU1
rEokPfWxMwjTgHxbNpTMgeRRmlrPDErd4wy1c1x29GLcSDP+GAlJzkrbtOfcAg+6
vgB8qzSU74E8ZFn4o6QBcaSrY1uaD6YjH4XNccy3VAR/rhMr2GCZiULFYNC89c1H
JnsW0h8Y0oFHGPSWHjDkpNmVNoOzlUqZ/uQn7S2Z4vkcIWiY2EFw4iQHBU8XGsHB
d+Ck2myCeJs83QnKW0HVSIdsbrytOicd8DqeGb6OAuQQ9gIu14GjwY1TViNH8tys
wxEc3TpxbzaqkfBBxJWBqIi8x6pX+t73i2KSwjsxrzGX6f+q6RpEu0lKv+TgGZ5Y
7492jiNHeKN15jM5mhhIDVqQWzgX5jg9NU4RV29MTGBa5h7jRum4G2OwrFmzdPM2
foNlWi+ik7YqRQCPkrcuOkZAOFuuaMAWL60doxAK8xFto9kDoFMNt03FM/qp6wPV
H8/KQJldIQ==
=GmCA
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted pesign 0.112-4~bpo8+1 (source amd64) into jessie-backports->backports-policy, jessie-backports
Next by Date: Accepted nvidia-graphics-drivers 375.66-1~bpo8+1 (amd64 i386 source) into jessie-backports->backports-policy, jessie-backports
Previous by thread: Accepted pesign 0.112-4~bpo8+1 (source amd64) into jessie-backports->backports-policy, jessie-backports
Next by thread: Accepted nvidia-graphics-drivers 375.66-1~bpo8+1 (amd64 i386 source) into jessie-backports->backports-policy, jessie-backports
Index(es):
- Date
- Thread