From d41e7c2bdeceef26701900e6559bcc4de9630e4f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Mon, 11 Nov 2024 14:50:23 +0100 Subject: [PATCH] Adding patchinfo patchinfo.20241016085333428745.269002615871826 --- .../_patchinfo | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 patchinfo.20241016085333428745.269002615871826/_patchinfo diff --git a/patchinfo.20241016085333428745.269002615871826/_patchinfo b/patchinfo.20241016085333428745.269002615871826/_patchinfo new file mode 100644 index 0000000..b8de442 --- /dev/null +++ b/patchinfo.20241016085333428745.269002615871826/_patchinfo 
@@ -0,0 +1,39 @@ + + + VUL-0: CVE-2024-26306: iperf: vulnerable to marvin attack if the authentication option is used + + dirkmueller + moderate + security + Security update for iperf + This update for iperf fixes the following issues: + +- update to 3.17.1 (bsc#1224262, CVE-2024-26306): + * BREAKING CHANGE: iperf3's authentication features, when used + with OpenSSL prior to 3.2.0, contain a vulnerability to a + side-channel timing attack. To address this flaw, a change + has been made to the padding applied to encrypted strings. + This change is not backwards compatible with older versions of + iperf3 (before 3.17). To restore + the older (vulnerable) behavior, and hence + backwards-compatibility, use the --use-pkcs1-padding flag. The + iperf3 team thanks Hubert Kario from RedHat for reporting this + issue and providing feedback on the fix. (CVE-2024-26306)(PR#1695) + * iperf3 no longer changes its current working directory in --daemon + mode. This results in more predictable behavior with relative + paths, in particular finding key and credential files for + authentication. (PR#1672) + * A new --json-stream option has been added to enable a streaming + output format, consisting of a series of JSON objects (for the + start of the test, each measurement interval, and the end of the + test) separated by newlines (#444, #923, #1098). + * UDP tests now work correctly between different endian hosts + * The --fq-rate parameter now works for --reverse tests + * The statistics reporting interval is now available in the --json + start test object (#1663). + * A negative time test duration is now properly flagged as an error + (IS#1662 / PR#1666). + + iperf + +
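Review bot: in the BREAKING CHANGE bullet of the description, --use-pkcs1-padding is presented as the way to get back compatibility with iperf3 before 3.17, with nothing steering the reader toward the fixed behaviour. An administrator whose authenticated tests stop working after this update is therefore pointed at the flag that restores the padding described as vulnerable to the side-channel timing attack (CVE-2024-26306). Suggest adding a sentence saying that, where the authentication option is used, client and server should both be moved to 3.17 or later, and that --use-pkcs1-padding restores the vulnerable behaviour and should be limited to the transition period. Two smaller points in the same bullet: CVE-2024-26306 is cited twice (on the "update to 3.17.1" line and again before PR#1695), so one of them can go, and "RedHat" should read "Red Hat". The remaining bullets (--json-stream, --fq-rate, endian fix) are feature and bug-fix notes with no stated security relevance; consider marking them as such so the security part of this update stays easy to find.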