Accepted openvpn 2.4.0-5 (source amd64) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 11 May 2017 14:15:21 +0200
Source: openvpn
Binary: openvpn
Architecture: source amd64
Version: 2.4.0-5
Distribution: unstable
Urgency: high
Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org>
Changed-By: Alberto Gonzalez Iniesta <agi@inittab.org>
Description:
openvpn - virtual private network daemon
Changes:
openvpn (2.4.0-5) unstable; urgency=high
.
* Change typo fix in command line help.
* SECURITY UPDATE: pre-authentication denial-of-service vulnerability
(both client and server) from a too-large control packet.
- debian/patches/CVE-2017-7478.patch: Do not assert on too-large
control packet
- CVE-2017-7478
* SECURITY UPDATE: authenticated remote DoS vulnerability due to
packet ID rollover
- debian/patches/CVE-2017-7479-prereq.patch: merge
packet_id_alloc_outgoing() into packet_id_write()
- debian/patches/CVE-2017-7479.patch: do not assert when packet ID
rollover occurs
- CVE-2017-7479
* SECURITY UPDATE: auth tokens left in memory after de-auth
- debian/patches/wipe_tokens_on_de-auth.patch: always wipe token
as soon as a TLS session is considered broken.
* Kudos to Steve Beattie <sbeattie@ubuntu.com> for doing all the
backporting work for this upload.
Checksums-Sha1:
6a883a5e3754f85ffcca93d7500fdeb8bfe9ed43 2092 openvpn_2.4.0-5.dsc
442e10d0f09c5c48395e641c82db131553be5267 56832 openvpn_2.4.0-5.debian.tar.xz
0ebba28ece7c3deca583036c74d2fe83b06eeefd 1371924 openvpn-dbgsym_2.4.0-5_amd64.deb
6372c8bd4b78f600a93fc218bb5b2c64b7c97304 6465 openvpn_2.4.0-5_amd64.buildinfo
c8063b9ad39ef8d64dcffcda0c83bb479ca214f4 499612 openvpn_2.4.0-5_amd64.deb
Checksums-Sha256:
1eb538f52ba8adb445aba8a5e2f016e245b54b2182caf4261915124ba331a695 2092 openvpn_2.4.0-5.dsc
63375ba20d283c6a13de8ab1a951d12d866b0476759c829202c440ccc04d5d15 56832 openvpn_2.4.0-5.debian.tar.xz
1bdc83510f3a72f6677e1b3d7b41fb09a4038860e749b232d9e630a15c8068c8 1371924 openvpn-dbgsym_2.4.0-5_amd64.deb
73950211edcc3856a8b91a38b5ffd383a8607f4bfd275bf6e789a863aeca7efb 6465 openvpn_2.4.0-5_amd64.buildinfo
de85bb57a12124452090c9171297b52a1a85517a3d834724a735244728c5312f 499612 openvpn_2.4.0-5_amd64.deb
Files:
e79fcbc8400cc005c793bfed91cf5f6f 2092 net optional openvpn_2.4.0-5.dsc
df36b76882b917241c3b682efcbd39d6 56832 net optional openvpn_2.4.0-5.debian.tar.xz
a3060965821a5896279df342a3146e5d 1371924 debug extra openvpn-dbgsym_2.4.0-5_amd64.deb
5915562befce6d44738ae4397eecfd5d 6465 net optional openvpn_2.4.0-5_amd64.buildinfo
e899ceed350cbd48d5f5e33b205cb52c 499612 net optional openvpn_2.4.0-5_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEEU0fL2D4wqetNfUvyAJszdWuaqlUFAlkUWBMQHGFnaUBpbml0
dGFiLm9yZwAKCRAAmzN1a5qqVZx3EACEFNXGJENI/Y1G5nigGEQTwJYcPcWFCDLP
WHhSj4Hyqy3BtE+Q+18SzaykXr2iymcpBepX8o55eTwiOE/P2dUxNrau2UMmLbdy
GyObrouJhKFWgiJ9d+s6Vm3slCKRQrHgEIY3B6oCSgtsYuXp5Fmvb8gO5ssLcA2f
7RXNRjpCubD9sXiINAXsoZIuEzyQV94tO5uQUDUkvhy09PRZ8l+L/uGjEM/LGDZv
2lHKQD4hWTrAIye3aShyGIcMfeEzY0L0iY3jV7HpO463e7BihKlvTA78T6vXkTnX
JDs+60mZXTBovyEw1jA9kIATJ9DUVGPBUaiYNVeO2NerM+wetz/U/vlLSx9JqYZB
H1BhO4TTJRfx2IWLsnRD5rxzArdMK+F3p1UpYmCCdrzomThNkecKQwr2IWHS5BWn
1j/WbO7mkxt9jaYjEZLjxFEmPWjd1DtPxOAdMrEgoLjTCmv1N76GRY8Cd8W6jTnE
cliAKKoeyhxjrwoC6IpbPdYL/t33voG4+Cp6vtKRr19wn92OLU0hfJPQNUE3JieS
FomgsaKTxVLlU/RFlmY1Ydu8t4aPE7/9rW8WF4dhiGzNcKNkOnL/pENyrWcc8638
hG/HJT/aPWkRnnVX+zZwOgz63hcn5LVcZ1LahsOFHKS2PNTWLVSBBL/XjpObxwRy
/nNdlCA3JQ==
=qvEF
-----END PGP SIGNATURE-----
Reply to: