forked from pool/openvpn
87f634bb3f
- update to 2.4.11 (bsc#1185279): * CVE-2020-15078 see https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements * This bug allows - under very specific circumstances - to trick a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. * In combination with "--auth-gen-token" or an user-specific token auth solution it can be possible to get access to a VPN with an otherwise-invalid account. * Fix potential NULL ptr crash if compiled with DMALLOC - drop sysv5 init support, it hasn't build successfully in ages and is build-disabled in devel project OBS-URL: https://build.opensuse.org/request/show/896403 OBS-URL: https://build.opensuse.org/package/show/network:vpn/openvpn?expand=0&rev=160 |
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| 0001-preform-deferred-authentication-in-the-background.patch | ||
| client-netconfig.down | ||
| client-netconfig.up | ||
| openvpn-2.3-plugin-man.dif | ||
| openvpn-2.3.9-Fix-heap-overflow-on-getaddrinfo-result.patch | ||
| openvpn-2.3.x-fixed-multiple-low-severity-issues.patch | ||
| openvpn-2.4.11.tar.xz | ||
| openvpn-2.4.11.tar.xz.asc | ||
| openvpn-fips140-2.3.2.patch | ||
| openvpn-tmpfile.conf | ||
| openvpn.changes | ||
| openvpn.keyring | ||
| openvpn.README.SUSE | ||
| openvpn.service | ||
| openvpn.spec | ||
| openvpn.target | ||
| rcopenvpn | ||