* [Buildroot] [git commit] openvpn: security bump to version 2.4.3
@ 2017-06-22 21:26 Peter Korsgaard
0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2017-06-22 21:26 UTC (permalink / raw)
To: buildroot
commit: https://git.buildroot.net/buildroot/commit/?id=24f2eb1e157e2c0b08579939c293aa7c1d3d0c28
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Fixes:
CVE-2017-7508 - Remotely-triggerable ASSERT() on malformed IPv6 packet
CVE-2017-7520 - Pre-authentication remote crash/information disclosure for
clients
CVE-2017-7521 - Potential double-free in --x509-alt-username
CVE-2017-7521 - Remote-triggerable memory leaks
CVE-2017-7522 - Post-authentication remote DoS when using the --x509-track
option
Details at
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/openvpn/openvpn.hash | 4 ++--
package/openvpn/openvpn.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/openvpn/openvpn.hash b/package/openvpn/openvpn.hash
index fe054e9..1db3a31 100644
--- a/package/openvpn/openvpn.hash
+++ b/package/openvpn/openvpn.hash
@@ -1,2 +1,2 @@
-# Locally calculated
-sha256 df5c4f384b7df6b08a2f6fa8a84b9fd382baf59c2cef1836f82e2a7f62f1bff9 openvpn-2.4.2.tar.xz
+# Locally calculated after checking signature
+sha256 15e15fc97f189b52aee7c90ec8355aa77469c773125110b4c2f089abecde36fb openvpn-2.4.3.tar.xz
diff --git a/package/openvpn/openvpn.mk b/package/openvpn/openvpn.mk
index ff6bcdc..7cc572e 100644
--- a/package/openvpn/openvpn.mk
+++ b/package/openvpn/openvpn.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENVPN_VERSION = 2.4.2
+OPENVPN_VERSION = 2.4.3
OPENVPN_SOURCE = openvpn-$(OPENVPN_VERSION).tar.xz
OPENVPN_SITE = http://swupdate.openvpn.net/community/releases
OPENVPN_DEPENDENCIES = host-pkgconf openssl
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2017-06-22 21:26 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-22 21:26 [Buildroot] [git commit] openvpn: security bump to version 2.4.3 Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.