openvpn 2.3.2-7ubuntu3.2 source package in Ubuntu
Changelog
openvpn (2.3.2-7ubuntu3.2) trusty-security; urgency=medium * SECURITY UPDATE: birthday attack when using 64-bit block cipher - debian/patches/CVE-2016-6329.patch: print warning if 64-bit cipher is selected in src/openvpn/crypto.c, src/openvpn/crypto_openssl.c. - CVE-2016-6329 * SECURITY UPDATE: DoS due to Exhaustion of Packet-ID counter - debian/patches/CVE-2017-7479-pre.patch: merge packet_id_alloc_outgoing() into packet_id_write() in src/openvpn/crypto.c, src/openvpn/packet_id.c, src/openvpn/packet_id.h. - debian/patches/CVE-2017-7479.patch: drop packets instead of assert out if packet id rolls over in src/openvpn/crypto.c, src/openvpn/packet_id.c, src/openvpn/packet_id.h. - CVE-2017-7479 * SECURITY UPDATE: Remotely-triggerable ASSERT() on malformed IPv6 packet - debian/patches/CVE-2017-7508.patch: remove assert in src/openvpn/mss.c. - CVE-2017-7508 * SECURITY UPDATE: Remote-triggerable memory leaks - debian/patches/CVE-2017-7512.patch: fix leaks in src/openvpn/ssl_verify_openssl.c. - CVE-2017-7512 * SECURITY UPDATE: Pre-authentication remote crash/information disclosure for clients - debian/patches/CVE-2017-7520.patch: prevent two kinds of stack buffer OOB reads and a crash for invalid input data in src/openvpn/ntlm.c. - CVE-2017-7520 * SECURITY UPDATE: Potential double-free in --x509-alt-username and memory leaks - debian/patches/CVE-2017-7521.patch: fix double-free in src/openvpn/ssl_verify_openssl.c. - CVE-2017-7521 * SECURITY UPDATE: DoS in establish_http_proxy_passthru() - debian/patches/establish_http_proxy_passthru_dos.patch: fix null-pointer dereference in src/openvpn/proxy.c. - No CVE number -- Marc Deslauriers <email address hidden> Thu, 22 Jun 2017 10:51:34 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Trusty | updates | main | net | |
Trusty | security | main | net |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
openvpn_2.3.2.orig.tar.gz | 1.1 MiB | 20bda3f9debb9a52db262aecddfa4e814050a9404a9106136b7e3b6f7ef36ffc |
openvpn_2.3.2-7ubuntu3.2.debian.tar.gz | 154.4 KiB | 5825656b7eea8e4236549a008fa0a42bd305f4be20092f0ec33ed39c3f6f05b5 |
openvpn_2.3.2-7ubuntu3.2.dsc | 1.9 KiB | 31feba700c6b3fe37bb1c580ccfb7fb236446434b41e9c16391ac20250ad4437 |
Available diffs
Binary packages built by this source
- openvpn: virtual private network daemon
OpenVPN is an application to securely tunnel IP networks over a
single UDP or TCP port. It can be used to access remote sites, make
secure point-to-point connections, enhance wireless security, etc.
.
OpenVPN uses all of the encryption, authentication, and certification
features provided by the OpenSSL library (any cipher, key size, or
HMAC digest).
.
OpenVPN may use static, pre-shared keys or TLS-based dynamic key exchange. It
also supports VPNs with dynamic endpoints (DHCP or dial-up clients), tunnels
over NAT or connection-oriented stateful firewalls (such as Linux's iptables).
- openvpn-dbgsym: debug symbols for package openvpn
OpenVPN is an application to securely tunnel IP networks over a
single UDP or TCP port. It can be used to access remote sites, make
secure point-to-point connections, enhance wireless security, etc.
.
OpenVPN uses all of the encryption, authentication, and certification
features provided by the OpenSSL library (any cipher, key size, or
HMAC digest).
.
OpenVPN may use static, pre-shared keys or TLS-based dynamic key exchange. It
also supports VPNs with dynamic endpoints (DHCP or dial-up clients), tunnels
over NAT or connection-oriented stateful firewalls (such as Linux's iptables).