[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#870604: marked as done (stretch-pu: package openvpn/2.4.0-6+deb9u2)

Your message dated Sat, 07 Oct 2017 11:33:55 +0100
with message-id <1507372435.18586.64.camel@adam-barratt.org.uk>
and subject line Closing bugs for 9.2 point release
has caused the Debian Bug report #870604,
regarding stretch-pu: package openvpn/2.4.0-6+deb9u2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
870604: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870604
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu

Hi,

I'd like to fix RC bug #863110 in Stretch, causing OpenVPN connections to be 
broken when they are reestablished after a timeout.

The patch has been part of several upstream releases which have been in 
sid/buster for a couple of weeks now. The submitter tested the patch to be
fixing this issue.

diff attached

Best Regards,
Bernhard

diff --git a/debian/changelog b/debian/changelog
index 0f96932..dd7f177 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+openvpn (2.4.0-6+deb9u2) stretch; urgency=medium
+
+  * Fix broken reconnect on connection loss due to wrong push digest calculation.
+    Thanks to Patrick Matthäi for testing (Closes: #863110)
+
+ -- Bernhard Schmidt <berni@debian.org>  Tue, 18 Jul 2017 22:15:17 +0200
+
 openvpn (2.4.0-6+deb9u1) stretch-security; urgency=high
 
    * SECURITY UPDATE: (Closes: #865480)
diff --git a/debian/patches/812-fix-push-options-digest-update.patch b/debian/patches/812-fix-push-options-digest-update.patch
new file mode 100644
index 0000000..f79a27c
--- /dev/null
+++ b/debian/patches/812-fix-push-options-digest-update.patch
@@ -0,0 +1,31 @@
+From: Selva Nair <selva.nair@gmail.com>
+Date: Tue, 3 Jan 2017 16:42:18 -0500
+Subject: [PATCH] Fix push options digest update
+Bug: https://community.openvpn.net/openvpn/ticket/812
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863110
+
+Trac: #812
+
+Signed-off-by: Selva Nair <selva.nair@gmail.com>
+Acked-by: Steffan Karger <steffan.karger@fox-it.com>
+Message-Id: <1483479738-17672-1-git-send-email-selva.nair@gmail.com>
+URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13816.html
+Signed-off-by: Gert Doering <gert@greenie.muc.de>
+---
+ src/openvpn/push.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/openvpn/push.c b/src/openvpn/push.c
+index f5154756a..c9c04a630 100644
+--- a/src/openvpn/push.c
++++ b/src/openvpn/push.c
+@@ -692,8 +692,8 @@ push_update_digest(md_ctx_t *ctx, struct buffer *buf, const struct options *opt)
+         {
+             continue;
+         }
++        md_ctx_update(ctx, (const uint8_t *) line, strlen(line)+1);
+     }
+-    md_ctx_update(ctx, (const uint8_t *) line, strlen(line)+1);
+ }
+ 
+ int
diff --git a/debian/patches/series b/debian/patches/series
index a83cda1..4357c69 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -12,3 +12,4 @@ CVE-2017-7508.patch
 CVE-2017-7520.patch
 CVE-2017-7521.patch
 CVE-2017-7521bis.patch
+812-fix-push-options-digest-update.patch

--- End Message ---
--- Begin Message --- 
Version: 9.2

Hi.

The updates referenced by each of these bugs was included in today's
point release of stretch.

Regards,

Adam

--- End Message ---
Reply to: