openvpn 2.4.0-4ubuntu1.2 source package in Ubuntu
Changelog
openvpn (2.4.0-4ubuntu1.2) zesty-security; urgency=medium * SECURITY UPDATE: pre-authentication denial-of-service vulnerability (both client and server) from a too-large control packet. - debian/patches/CVE-2017-7478.patch: Do not assert on too-large control packet - CVE-2017-7478 * SECURITY UPDATE: authenticated remote DoS vulnerability due to packet ID rollover - debian/patches/CVE-2017-7479-prereq.patch: merge packet_id_alloc_outgoing() into packet_id_write() - debian/patches/CVE-2017-7478.patch: do not assert when packet ID rollover occurs - CVE-2017-7478 * SECURITY UPDATE: auth tokens left in memory after de-auth - debian/patches/wipe_tokens_on_de-auth.patch: always wipe token as soon as a TLS session is considered broken. -- Steve Beattie <email address hidden> Wed, 10 May 2017 15:21:05 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Zesty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
openvpn_2.4.0.orig.tar.gz | 1.3 MiB | f21db525b3c03a9bbd0a7ab6d0e4fbaf8902f238bf53b8bc4e04f834e4e7caa4 |
openvpn_2.4.0-4ubuntu1.2.debian.tar.xz | 58.0 KiB | 004aa6a83e70cd46c86f941e8e40278f06971409cee3d28be7d68780f5f96a0a |
openvpn_2.4.0-4ubuntu1.2.dsc | 2.1 KiB | e1edd2ac0b1bf3ef51814940deea0987c533af1e666dbe9e7c2446c8c924b46f |
Available diffs
Binary packages built by this source
- openvpn: No summary available for openvpn in ubuntu zesty.
No description available for openvpn in ubuntu zesty.
- openvpn-dbgsym: No summary available for openvpn-dbgsym in ubuntu zesty.
No description available for openvpn-dbgsym in ubuntu zesty.