From 5a65bc9e84bb6fbe3f9b53e4e7883249f4b066b95c87224b66e3e3124a120cb3 Mon Sep 17 00:00:00 2001 From: Marius Tomaschewski Date: Mon, 1 Dec 2014 19:43:09 +0000 Subject: [PATCH] - Update to version 2.3.6 fixing a denial-of-service vulnerability where an authenticated client could stop the server by triggering a server-side ASSERT (bnc#907764,CVE-2014-8104). See ChangeLog file for a complete list of changes. OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=83 --- openvpn-2.3.5.tar.gz | 3 --- openvpn-2.3.5.tar.gz.asc | 7 ------- openvpn-2.3.6.tar.gz | 3 +++ openvpn-2.3.6.tar.gz.asc | 7 +++++++ openvpn.changes | 8 ++++++++ openvpn.spec | 2 +- 6 files changed, 19 insertions(+), 11 deletions(-) delete mode 100644 openvpn-2.3.5.tar.gz delete mode 100644 openvpn-2.3.5.tar.gz.asc create mode 100644 openvpn-2.3.6.tar.gz create mode 100644 openvpn-2.3.6.tar.gz.asc diff --git a/openvpn-2.3.5.tar.gz b/openvpn-2.3.5.tar.gz deleted file mode 100644 index 0f02360..0000000 --- a/openvpn-2.3.5.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d93b447b014a41ec1550c3b760871aa72d7c09f1b5c6fc1e013d3073ac29ca21 -size 1196464 diff --git a/openvpn-2.3.5.tar.gz.asc b/openvpn-2.3.5.tar.gz.asc deleted file mode 100644 index 07036cc..0000000 --- a/openvpn-2.3.5.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEABECAAYFAlRP0U4ACgkQwp2X7RmNIqPAvgCgz1D9o/TrFXrXGBHcXLfrQyob -RhYAoIx5SlqO/3oC1wSAr/a/IvCW5DQh -=uhc/ ------END PGP SIGNATURE----- diff --git a/openvpn-2.3.6.tar.gz b/openvpn-2.3.6.tar.gz new file mode 100644 index 0000000..c4bd872 --- /dev/null +++ b/openvpn-2.3.6.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7baed2ff39c12e1a1a289ec0b46fcc49ff094ca58b8d8d5f29b36ac649ee5b26 +size 1213272 diff --git a/openvpn-2.3.6.tar.gz.asc b/openvpn-2.3.6.tar.gz.asc new file mode 100644 index 0000000..124358e --- /dev/null +++ b/openvpn-2.3.6.tar.gz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlR8NIAACgkQwp2X7RmNIqOgMgCg4LWcWBiy+dr/Dp0COmB4a3yf +JZUAnRiDBUUFJEk5j63sIaMMc+5Waqqk +=DC+g +-----END PGP SIGNATURE----- diff --git a/openvpn.changes b/openvpn.changes index 1f0e648..ed20e95 100644 --- a/openvpn.changes +++ b/openvpn.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Dec 1 19:37:29 UTC 2014 - mt@suse.de + +- Update to version 2.3.6 fixing a denial-of-service vulnerability + where an authenticated client could stop the server by triggering + a server-side ASSERT (bnc#907764,CVE-2014-8104). + See ChangeLog file for a complete list of changes. + ------------------------------------------------------------------- Thu Oct 30 12:28:48 UTC 2014 - idonmez@suse.com diff --git a/openvpn.spec b/openvpn.spec index 33a93f5..8edb014 100644 --- a/openvpn.spec +++ b/openvpn.spec @@ -32,7 +32,7 @@ Url: http://openvpn.net/ %else PreReq: %insserv_prereq %fillup_prereq %endif -Version: 2.3.5 +Version: 2.3.6 Release: 0 Summary: Full-featured SSL VPN solution using a TUN/TAP Interface License: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.1