openvpn

pool/openvpn

SHA256

Fork 1

Commit Graph

Author	SHA256	Message	Date
Nirmoy Das	774c998664	Accepting request 505857 from home:ndas:branches:network:vpn - Update to 2.4.3 (bsc#1045489) - Ignore auth-nocache for auth-user-pass if auth-token is pushed - crypto: Enable SHA256 fingerprint checking in --verify-hash - copyright: Update GPLv2 license texts - auth-token with auth-nocache fix broke --disable-crypto builds - OpenSSL: don't use direct access to the internal of X509 - OpenSSL: don't use direct access to the internal of EVP_PKEY - OpenSSL: don't use direct access to the internal of RSA - OpenSSL: don't use direct access to the internal of DSA - OpenSSL: force meth->name as non-const when we free() it - OpenSSL: don't use direct access to the internal of EVP_MD_CTX - OpenSSL: don't use direct access to the internal of EVP_CIPHER_CTX - OpenSSL: don't use direct access to the internal of HMAC_CTX - Fix NCP behaviour on TLS reconnect. - Remove erroneous limitation on max number of args for --plugin - Fix edge case with clients failing to set up cipher on empty PUSH_REPLY. - Fix potential 1-byte overread in TCP option parsing. - Fix remotely-triggerable ASSERT() on malformed IPv6 packet. - Preparing for release v2.4.3 (ChangeLog, version.m4, Changes.rst) - refactor my_strupr - Fix 2 memory leaks in proxy authentication routine - Fix memory leak in add_option() for option 'connection' - Ensure option array p[] is always NULL-terminated - Fix a null-pointer dereference in establish_http_proxy_passthru() - Prevent two kinds of stack buffer OOB reads and a crash for invalid input data - Fix an unaligned access on OpenBSD/sparc64 - Missing include for socket-flags TCP_NODELAY on OpenBSD - Make openvpn-plugin.h self-contained again. - Pass correct buffer size to GetModuleFileNameW() - Log the negotiated (NCP) cipher OBS-URL: https://build.opensuse.org/request/show/505857 OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=124	2017-06-23 10:34:54 +00:00
Nirmoy Das	9b5c6bd385	OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=117	2017-06-06 12:54:53 +00:00
Marius Tomaschewski	9c3259ca06	Accepting request 489820 from home:ndas:branches:network:vpn - Preform deferred authentication in the background to not cause main daemon processing delays when the underlying pam mechanism (e.g. ldap) needs longer to response (bsc#959511). [+ 0001-preform-deferred-authentication-in-the-background.patch] - Added fix for possible heap overflow on read accessing getaddrinfo result (bsc#959714). [+openvpn-2.3.9-Fix-heap-overflow-on-getaddrinfo-result.patch] - Added a patch to fix multiple low severity issues (bsc#934237). [+openvpn-2.3.x-fixed-multiple-low-severity-issues.patch] OBS-URL: https://build.opensuse.org/request/show/489820 OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=115	2017-04-27 09:50:39 +00:00

Author

SHA256

Message

Date

Nirmoy Das

774c998664

Accepting request 505857 from home:ndas:branches:network:vpn

- Update to 2.4.3 (bsc#1045489)
    - Ignore auth-nocache for auth-user-pass if auth-token is pushed
    - crypto: Enable SHA256 fingerprint checking in --verify-hash
    - copyright: Update GPLv2 license texts
    - auth-token with auth-nocache fix broke --disable-crypto builds
    - OpenSSL: don't use direct access to the internal of X509
    - OpenSSL: don't use direct access to the internal of EVP_PKEY
    - OpenSSL: don't use direct access to the internal of RSA
    - OpenSSL: don't use direct access to the internal of DSA
    - OpenSSL: force meth->name as non-const when we free() it
    - OpenSSL: don't use direct access to the internal of EVP_MD_CTX
    - OpenSSL: don't use direct access to the internal of EVP_CIPHER_CTX
    - OpenSSL: don't use direct access to the internal of HMAC_CTX
    - Fix NCP behaviour on TLS reconnect.
    - Remove erroneous limitation on max number of args for --plugin
    - Fix edge case with clients failing to set up cipher on empty PUSH_REPLY.
    - Fix potential 1-byte overread in TCP option parsing.
    - Fix remotely-triggerable ASSERT() on malformed IPv6 packet.
    - Preparing for release v2.4.3 (ChangeLog, version.m4, Changes.rst)
    - refactor my_strupr
    - Fix 2 memory leaks in proxy authentication routine
    - Fix memory leak in add_option() for option 'connection'
    - Ensure option array p[] is always NULL-terminated
    - Fix a null-pointer dereference in establish_http_proxy_passthru()
    - Prevent two kinds of stack buffer OOB reads and a crash for invalid input data
    - Fix an unaligned access on OpenBSD/sparc64
    - Missing include for socket-flags TCP_NODELAY on OpenBSD
    - Make openvpn-plugin.h self-contained again.
    - Pass correct buffer size to GetModuleFileNameW()
    - Log the negotiated (NCP) cipher

OBS-URL: https://build.opensuse.org/request/show/505857
OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=124

2017-06-23 10:34:54 +00:00

Nirmoy Das

9b5c6bd385

OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=117

2017-06-06 12:54:53 +00:00

Marius Tomaschewski

9c3259ca06

Accepting request 489820 from home:ndas:branches:network:vpn

- Preform deferred authentication in the background to not
  cause main daemon processing delays when the underlying pam mechanism (e.g.
  ldap) needs longer to response (bsc#959511).
  [+ 0001-preform-deferred-authentication-in-the-background.patch]
- Added fix for possible heap overflow on read accessing getaddrinfo 
  result (bsc#959714).
  [+openvpn-2.3.9-Fix-heap-overflow-on-getaddrinfo-result.patch]
- Added a patch to fix multiple low severity issues (bsc#934237).
  [+openvpn-2.3.x-fixed-multiple-low-severity-issues.patch]

OBS-URL: https://build.opensuse.org/request/show/489820
OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=115

2017-04-27 09:50:39 +00:00

3 Commits