Ubuntu
openvpn package

Change logs for openvpn source package in Mantic

  1. Mantic (23.10)
  2. Change log 
  • openvpn (2.6.5-0ubuntu1.1) mantic-security; urgency=medium

  * SECURITY UPDATE: divide-by-zero via --fragment option
    - debian/patches/CVE-2023-46849.patch: remove saving initial frame code
      in src/openvpn/forward.c, src/openvpn/init.c, src/openvpn/openvpn.h.
    - CVE-2023-46849
  * SECURITY UPDATE: memory disclosure or code exec via use-after-free
    - debian/patches/CVE-2023-46850.patch: fix using to_link buffer after
      freed in src/openvpn/ssl.c.
    - CVE-2023-46850

 -- Marc Deslauriers <email address hidden>  Wed, 15 Nov 2023 13:12:32 -0500
  • openvpn (2.6.5-0ubuntu1) mantic; urgency=medium

  * New Upstream release 2.6.5 (LP: #2018095)
  * d/p/fix-dangling-pointer-in-pkcs11.patch:
    Remove - fixed upstream in 2.6.4
  * d/p/fix-memleak-in-dco_get_peer_stats_multi.patch:
    Remove - fixed upstream in 2.6.5

 -- Lena Voytek <email address hidden>  Tue, 11 Jul 2023 09:36:08 -0700
  • openvpn (2.6.3-2ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/control: Demote easy-rsa to Suggests (universe package).
    - debian/openvpn@.service: Add '--script-security 2' similar to what
      got added to debian/openvpn.init.d ages ago (LP #1454725)

openvpn (2.6.3-2) unstable; urgency=medium

  * Cherry-pick two bugfix commits from upstream
    - Memory leak in dco_get_peer_stats_multi for Linux
    - dangling pointer passed to pkcs11-helper

 -- Gianfranco Costamagna <email address hidden>  Mon, 22 May 2023 09:28:33 +0200
  • openvpn (2.6.3-1ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/control: Demote easy-rsa to Suggests (universe package).
    - debian/openvpn@.service: Add '--script-security 2' similar to what
      got added to debian/openvpn.init.d ages ago (LP #1454725)

openvpn (2.6.3-1) unstable; urgency=medium

  * New upstream version 2.6.2
    - drop patches applied upstream
    - needs new openvpn-dco-dkms version. Not adding a versioned dependency
      to untangle testing migration, because it will just not use the
      "wrong" version and run unaccelerated.
  * New upstream version 2.6.3

 -- Gianfranco Costamagna <email address hidden>  Tue, 02 May 2023 08:48:22 +0200
  • openvpn (2.6.1-1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/control: Demote easy-rsa to Suggests (universe package).
    - debian/openvpn@.service: Add '--script-security 2' similar to what
      got added to debian/openvpn.init.d ages ago (LP #1454725)

openvpn (2.6.1-1) unstable; urgency=medium

  * Upload to unstable targetting bookworm
  * Cherry-Pick upstream commits from 2.6.2
    - fix rare ASSERT in tls-crypt
    - fix memory leaks in HMAC initial packet generation
    - set netlink socket to be non-blocking

openvpn (2.6.1-1~exp1) experimental; urgency=medium

  * New upstream version 2.6.1
    - target experimental due to the freeze

 -- Gianfranco Costamagna <email address hidden>  Mon, 27 Mar 2023 07:50:09 +0200