projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 087e704) | patch
openvpn: security bump to version 2.4.3
authorBaruch Siach <baruch@tkos.co.il>
Thu, 22 Jun 2017 17:54:57 +0000 (20:54 +0300)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 22 Jun 2017 21:26:57 +0000 (23:26 +0200)
commit24f2eb1e157e2c0b08579939c293aa7c1d3d0c28
treef0d591625ebdfeecf17329ea8fa7fb1d465aa281tree
parent087e70498ab25c76cd8542100361f79af7580eb7commit | diff
openvpn: security bump to version 2.4.3

Fixes:

CVE-2017-7508 - Remotely-triggerable ASSERT() on malformed IPv6 packet

CVE-2017-7520 - Pre-authentication remote crash/information disclosure for
clients

CVE-2017-7521 - Potential double-free in --x509-alt-username

CVE-2017-7521 - Remote-triggerable memory leaks

CVE-2017-7522 - Post-authentication remote DoS when using the --x509-track
option

Details at

  https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/openvpn/openvpn.hash diff | blob | history
package/openvpn/openvpn.mk diff | blob | history