Package "openvpn"
WARNING: the "openvpn" package was deleted from this repository
| Name: |
openvpn
|
Description: |
virtual private network daemon
|
| Latest version: |
*DELETED* |
| Release: |
jammy (22.04) |
| Level: |
proposed |
| Repository: |
main |
| Homepage: |
https://openvpn.net/ |
Links
Download "openvpn"
Other versions of "openvpn" in Jammy
Changelog
|
openvpn (2.5.11-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream release 2.5.11 (LP: #2073318):
- CVE Fixes:
+ CVE-2024-5594, CVE-2024-27459, CVE-2024-24974, CVE-2024-27903
- Updates:
+ Allow trailing \r and \n in control channel message
+ See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
additional bug fixes and information
* Remove patches fixed upstream:
- d/p/CVE-2024-5594.patch
[Fixed in 2.5.11]
-- Lena Voytek <email address hidden> Tue, 17 Sep 2024 13:25:49 -0700
|
| 2073318 |
Backport of openvpn for jammy and noble |
| CVE-2024-27459 |
The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary |
| CVE-2024-24974 |
The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to inter |
| CVE-2024-27903 |
OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in |
|
|
openvpn (2.5.9-0ubuntu0.22.04.2) jammy; urgency=medium
* d/rules: Use --with-openssl-engine=yes during configuration to maintain the
existing behavior of technically allowing openssl engine access in jammy.
For more information see
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/2004676/comments/6
|
| Source diff to previous version |
|
openvpn (2.5.8-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream releases 2.5.6-2.5.8 (LP: #2004676):
- The version is being updated to the latest in 2.5.x rather than 2.6.x to
avoid feature releases and focus on bug fixes
- Updates:
+ OpenSSL3 support
+ pkcs11-helper upgrade to 1.28.4
+ allow running a default configuration with TLS libraries without BF-CBC
- Bug Fixes Include:
+ CVE-2022-0547
+ Fix potential memory leaks in add_route() and add_route_ipv6()
+ Fix PATH_MAX build failure in auth-pam.c
+ Fix using --auth-token together with --management-client-auth
+ Fix clearing of username+password when using --auth-nocache
+ See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
additional bug fixes and information
* Remove patches fixed upstream:
- d/p/CVE-2022-0547.patch
[Included in upstream release 2.5.6]
- d/p/openssl-3/0001-Add-insecure-tls-cert-profile-options.patch
- d/p/openssl-3/0002-Refactor-early-initialisation-and-uninitialisation-
into-methods.patch
- d/p/openssl-3/0003-Allow-loading-of-non-default-providers.patch
- d/p/openssl-3/0004-Fix-allowing-showing-unsupported-ciphers-digests.patch
- d/p/openssl-3/0005-Add-message-when-decoding-PKCS12-file-fails.patch
- d/p/openssl-3/0006-Translate-OpenSSL-3.0-digest-names-to-OpenSSL-1.1-
digest-names.patch
[Included in upstream release 2.5.7]
- d/p/openssl-3/0007-Allow-running-a-default-configuration-with-TLS-
libraries-without-BF-CBC.patch
- d/p/match-manpage-and-command-help.patch
[Included in upstream release 2.5.8]
-- Lena Voytek <email address hidden> Fri, 03 Feb 2023 15:49:35 -0700
|
| 2004676 |
MRE Updates 2.5.8 / 2.4.11 |
| CVE-2022-0547 |
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of def |
|
About
-
Send Feedback to @ubuntu_updates
