Commit 24f2eb1e authored by Baruch Siach's avatar Baruch Siach Committed by Peter Korsgaard
Browse files

openvpn: security bump to version 2.4.3

Fixes:

CVE-2017-7508 - Remotely-triggerable ASSERT() on malformed IPv6 packet

CVE-2017-7520 - Pre-authentication remote crash/information disclosure for
clients

CVE-2017-7521 - Potential double-free in --x509-alt-username

CVE-2017-7521 - Remote-triggerable memory leaks

CVE-2017-7522 - Post-authentication remote DoS when using the --x509-track
option

Details at

  https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243



Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: default avatarBaruch Siach <baruch@tkos.co.il>
Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
parent 087e7049
# Locally calculated
sha256 df5c4f384b7df6b08a2f6fa8a84b9fd382baf59c2cef1836f82e2a7f62f1bff9 openvpn-2.4.2.tar.xz
# Locally calculated after checking signature
sha256 15e15fc97f189b52aee7c90ec8355aa77469c773125110b4c2f089abecde36fb openvpn-2.4.3.tar.xz
......@@ -4,7 +4,7 @@
#
################################################################################
OPENVPN_VERSION = 2.4.2
OPENVPN_VERSION = 2.4.3
OPENVPN_SOURCE = openvpn-$(OPENVPN_VERSION).tar.xz
OPENVPN_SITE = http://swupdate.openvpn.net/community/releases
OPENVPN_DEPENDENCIES = host-pkgconf openssl
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment