From 6dac5a8f6a0a15afcc071a1848bb04d49505842cfee07cde57320d2b95af5f13 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ismail=20D=C3=B6nmez?= Date: Mon, 6 Jun 2016 07:52:26 +0000 Subject: [PATCH] Accepting request 394676 from home:namtrac:branches:network:vpn - Update to version 2.3.11 * Fixed port-share bug with DoS potential * Fix buffer overflow by user supplied data * Fix undefined signed shift overflow * Ensure input read using systemd-ask-password is null terminated * Support reading the challenge-response from console * hardening: add safe FD_SET() wrapper openvpn_fd_set() * Restrict default TLS cipher list - Add BuildRequires on xz for SLE11 OBS-URL: https://build.opensuse.org/request/show/394676 OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=105 --- openvpn-2.3.10.tar.gz | 3 --- openvpn-2.3.10.tar.gz.asc | 7 ------- openvpn-2.3.11.tar.xz | 3 +++ openvpn-2.3.11.tar.xz.asc | 7 +++++++ openvpn.changes | 13 +++++++++++++ openvpn.spec | 7 ++++--- 6 files changed, 27 insertions(+), 13 deletions(-) delete mode 100644 openvpn-2.3.10.tar.gz delete mode 100644 openvpn-2.3.10.tar.gz.asc create mode 100644 openvpn-2.3.11.tar.xz create mode 100644 openvpn-2.3.11.tar.xz.asc diff --git a/openvpn-2.3.10.tar.gz b/openvpn-2.3.10.tar.gz deleted file mode 100644 index c4b9f37..0000000 --- a/openvpn-2.3.10.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f8b0b5b92e35bbca1db1a7e6b49e04639e45634e9accd460459b40b2c99ec8f6 -size 1225636 diff --git a/openvpn-2.3.10.tar.gz.asc b/openvpn-2.3.10.tar.gz.asc deleted file mode 100644 index 67ade21..0000000 --- a/openvpn-2.3.10.tar.gz.asc +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iEYEABECAAYFAlaKY3oACgkQwp2X7RmNIqN7cACbB9fpKL84DyE2OPkjKz5CV5qD -XzEAn2WfGAwaVUHPCUB7TPzsDjHEKMwR -=5cgd ------END PGP SIGNATURE----- diff --git a/openvpn-2.3.11.tar.xz b/openvpn-2.3.11.tar.xz new file mode 100644 index 0000000..cb4e70c --- /dev/null +++ b/openvpn-2.3.11.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0f5f1ca1dc5743fa166d93dd4ec952f014b5f33bafd88f0ea34b455cae1434a7 +size 833496 diff --git a/openvpn-2.3.11.tar.xz.asc b/openvpn-2.3.11.tar.xz.asc new file mode 100644 index 0000000..ef6cdbc --- /dev/null +++ b/openvpn-2.3.11.tar.xz.asc @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iEYEABECAAYFAlcxenoACgkQwp2X7RmNIqOn3wCeP9QB36A5JwmBIYihnWS6v/p4 +XikAn1YoYlNJMcL2Tnnu30GKWULkbyov +=LkUj +-----END PGP SIGNATURE----- diff --git a/openvpn.changes b/openvpn.changes index 708432d..b6397c9 100644 --- a/openvpn.changes +++ b/openvpn.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Tue May 10 16:16:02 UTC 2016 - idonmez@suse.com + +- Update to version 2.3.11 + * Fixed port-share bug with DoS potential + * Fix buffer overflow by user supplied data + * Fix undefined signed shift overflow + * Ensure input read using systemd-ask-password is null terminated + * Support reading the challenge-response from console + * hardening: add safe FD_SET() wrapper openvpn_fd_set() + * Restrict default TLS cipher list +- Add BuildRequires on xz for SLE11 + ------------------------------------------------------------------- Mon Jan 4 17:22:37 UTC 2016 - idonmez@suse.com diff --git a/openvpn.spec b/openvpn.spec index 70a3fc7..a68e33f 100644 --- a/openvpn.spec +++ b/openvpn.spec @@ -32,13 +32,13 @@ Url: http://openvpn.net/ %else PreReq: %insserv_prereq %fillup_prereq %endif -Version: 2.3.10 +Version: 2.3.11 Release: 0 Summary: Full-featured SSL VPN solution using a TUN/TAP Interface License: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.1 Group: Productivity/Networking/Security -Source: http://swupdate.openvpn.org/community/releases/openvpn-%{version}.tar.gz -Source1: http://swupdate.openvpn.org/community/releases/openvpn-%{version}.tar.gz.asc +Source: https://swupdate.openvpn.org/community/releases/openvpn-%{version}.tar.xz +Source1: https://swupdate.openvpn.org/community/releases/openvpn-%{version}.tar.xz.asc Source2: %{name}.init Source6: %{name}.sysconfig Source3: %{name}.README.SUSE @@ -67,6 +67,7 @@ Requires: pkcs11-helper %if %{with_systemd} BuildRequires: systemd-devel %endif +BuildRequires: xz %description OpenVPN is a full-featured SSL VPN solution which can accommodate a wide