[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted openvpn 2.4.0-5 (source amd64) into unstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 11 May 2017 14:15:21 +0200
Source: openvpn
Binary: openvpn
Architecture: source amd64
Version: 2.4.0-5
Distribution: unstable
Urgency: high
Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org>
Changed-By: Alberto Gonzalez Iniesta <agi@inittab.org>
Description:
 openvpn    - virtual private network daemon
Changes:
 openvpn (2.4.0-5) unstable; urgency=high
 .
   * Change typo fix in command line help.
   * SECURITY UPDATE: pre-authentication denial-of-service vulnerability
     (both client and server) from a too-large control packet.
     - debian/patches/CVE-2017-7478.patch: Do not assert on too-large
       control packet
     - CVE-2017-7478
   * SECURITY UPDATE: authenticated remote DoS vulnerability due to
     packet ID rollover
     - debian/patches/CVE-2017-7479-prereq.patch: merge
       packet_id_alloc_outgoing() into packet_id_write()
     - debian/patches/CVE-2017-7479.patch: do not assert when packet ID
       rollover occurs
     - CVE-2017-7479
   * SECURITY UPDATE: auth tokens left in memory after de-auth
     - debian/patches/wipe_tokens_on_de-auth.patch: always wipe token
       as soon as a TLS session is considered broken.
    * Kudos to Steve Beattie <sbeattie@ubuntu.com> for doing all the
      backporting work for this upload.
Checksums-Sha1:
 6a883a5e3754f85ffcca93d7500fdeb8bfe9ed43 2092 openvpn_2.4.0-5.dsc
 442e10d0f09c5c48395e641c82db131553be5267 56832 openvpn_2.4.0-5.debian.tar.xz
 0ebba28ece7c3deca583036c74d2fe83b06eeefd 1371924 openvpn-dbgsym_2.4.0-5_amd64.deb
 6372c8bd4b78f600a93fc218bb5b2c64b7c97304 6465 openvpn_2.4.0-5_amd64.buildinfo
 c8063b9ad39ef8d64dcffcda0c83bb479ca214f4 499612 openvpn_2.4.0-5_amd64.deb
Checksums-Sha256:
 1eb538f52ba8adb445aba8a5e2f016e245b54b2182caf4261915124ba331a695 2092 openvpn_2.4.0-5.dsc
 63375ba20d283c6a13de8ab1a951d12d866b0476759c829202c440ccc04d5d15 56832 openvpn_2.4.0-5.debian.tar.xz
 1bdc83510f3a72f6677e1b3d7b41fb09a4038860e749b232d9e630a15c8068c8 1371924 openvpn-dbgsym_2.4.0-5_amd64.deb
 73950211edcc3856a8b91a38b5ffd383a8607f4bfd275bf6e789a863aeca7efb 6465 openvpn_2.4.0-5_amd64.buildinfo
 de85bb57a12124452090c9171297b52a1a85517a3d834724a735244728c5312f 499612 openvpn_2.4.0-5_amd64.deb
Files:
 e79fcbc8400cc005c793bfed91cf5f6f 2092 net optional openvpn_2.4.0-5.dsc
 df36b76882b917241c3b682efcbd39d6 56832 net optional openvpn_2.4.0-5.debian.tar.xz
 a3060965821a5896279df342a3146e5d 1371924 debug extra openvpn-dbgsym_2.4.0-5_amd64.deb
 5915562befce6d44738ae4397eecfd5d 6465 net optional openvpn_2.4.0-5_amd64.buildinfo
 e899ceed350cbd48d5f5e33b205cb52c 499612 net optional openvpn_2.4.0-5_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEU0fL2D4wqetNfUvyAJszdWuaqlUFAlkUWBMQHGFnaUBpbml0
dGFiLm9yZwAKCRAAmzN1a5qqVZx3EACEFNXGJENI/Y1G5nigGEQTwJYcPcWFCDLP
WHhSj4Hyqy3BtE+Q+18SzaykXr2iymcpBepX8o55eTwiOE/P2dUxNrau2UMmLbdy
GyObrouJhKFWgiJ9d+s6Vm3slCKRQrHgEIY3B6oCSgtsYuXp5Fmvb8gO5ssLcA2f
7RXNRjpCubD9sXiINAXsoZIuEzyQV94tO5uQUDUkvhy09PRZ8l+L/uGjEM/LGDZv
2lHKQD4hWTrAIye3aShyGIcMfeEzY0L0iY3jV7HpO463e7BihKlvTA78T6vXkTnX
JDs+60mZXTBovyEw1jA9kIATJ9DUVGPBUaiYNVeO2NerM+wetz/U/vlLSx9JqYZB
H1BhO4TTJRfx2IWLsnRD5rxzArdMK+F3p1UpYmCCdrzomThNkecKQwr2IWHS5BWn
1j/WbO7mkxt9jaYjEZLjxFEmPWjd1DtPxOAdMrEgoLjTCmv1N76GRY8Cd8W6jTnE
cliAKKoeyhxjrwoC6IpbPdYL/t33voG4+Cp6vtKRr19wn92OLU0hfJPQNUE3JieS
FomgsaKTxVLlU/RFlmY1Ydu8t4aPE7/9rW8WF4dhiGzNcKNkOnL/pENyrWcc8638
hG/HJT/aPWkRnnVX+zZwOgz63hcn5LVcZ1LahsOFHKS2PNTWLVSBBL/XjpObxwRy
/nNdlCA3JQ==
=qvEF
-----END PGP SIGNATURE-----


Reply to: