git.99rst.org / openwrt-packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1b570f7)
openvpn: update to 2.5.2
authorMagnus Kroken <redacted>
Wed, 21 Apr 2021 20:45:03 +0000 (22:45 +0200)
committerMagnus Kroken <redacted>
Wed, 21 Apr 2021 22:03:05 +0000 (00:03 +0200)
commit6186fe732b058ef7f1ae43cce2184ba0c4d90184
treeaad67cd14ae1913e2752805d443248f5ccd92f5atree | snapshot
parent1b570f7aad1bb160aa86d9d45b578551b93d49ebcommit | diff
openvpn: update to 2.5.2

Fixes two related security vulnerabilities (CVE-2020-15078) which
under very specific circumstances allow tricking a server using delayed
authentication (plugin or management) into returning a PUSH_REPLY before
the AUTH_FAILED message, which can possibly be used to gather
information about a VPN setup. In combination with "--auth-gen-token" or
a user-specific token auth solution it can be possible to get access to
a VPN with an otherwise-invalid account.

OpenVPN 2.5.2 also includes other bug fixes and improvements.

Add CI build test script.

Signed-off-by: Magnus Kroken <redacted>
net/openvpn/Makefile diff | blob | history
net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch diff | blob | history
net/openvpn/patches/115-fix-mbedtls-without-renegotiation.patch [new file with mode: 0644] blob
net/openvpn/test.sh [new file with mode: 0755] blob
git clone https://git.99rst.org/PROJECT