Back to openvpn PTS page

Accepted openvpn 2.3.4-5+deb8u2 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted openvpn 2.3.4-5+deb8u2 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Alberto Gonzalez Iniesta <agi@inittab.org>
Date: Sat, 15 Jul 2017 20:48:05 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1dWTyw-000Hrm-0B@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 22 Jun 2017 17:25:13 +0200
Source: openvpn
Binary: openvpn
Architecture: source amd64
Version: 2.3.4-5+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org>
Changed-By: Alberto Gonzalez Iniesta <agi@inittab.org>
Description:
 openvpn    - virtual private network daemon
Closes: 865480
Changes:
 openvpn (2.3.4-5+deb8u2) jessie-security; urgency=high
 .
   * SECURITY UPDATE: authenticated remote DoS vulnerability due to
     packet ID rollover. CVE-2017-7479.
     Kudos to Steve Beattie <sbeattie@ubuntu.com> for doing all the backporting
     work for this patch.
     - debian/patches/CVE-2017-7479-prereq.patch: merge
       packet_id_alloc_outgoing() into packet_id_write()
     - debian/patches/CVE-2017-7479.patch: do not assert when packet ID
       rollover occurs
   * SECURITY UPDATE: (Closes: #865480)
     - CVE-2017-7508.patch. Fix remotely-triggerable ASSERT() on malformed IPv6
       packet.
     - CVE-2017-7520.patch. Prevent two kinds of stack buffer OOB reads and a
       crash for invalid input data.
     - CVE-2017-7521.patch. Fix potential double-free in --x509-alt-username.
     - CVE-2017-7521bis.patch. Fix remote-triggerable memory leaks.
Checksums-Sha1:
 138a81d4ed1c15680bed97c73bce65789671937b 2072 openvpn_2.3.4-5+deb8u2.dsc
 71e1840311a4067a6166360f71c956888638b95e 1191101 openvpn_2.3.4.orig.tar.gz
 6646888b71f5200d43f592e083f03d706444a341 130596 openvpn_2.3.4-5+deb8u2.debian.tar.xz
 89c2a5acbafc9a9ce57b09f6830762d0cc699c48 477340 openvpn_2.3.4-5+deb8u2_amd64.deb
Checksums-Sha256:
 2987e8b53bde4f1b6853ea66a07f995ba3f7aa34b0a30b2a6edca907578b803d 2072 openvpn_2.3.4-5+deb8u2.dsc
 af506d5f48568fa8d2f2435cb3fad35f9a9a8f263999ea6df3ba296960cec85a 1191101 openvpn_2.3.4.orig.tar.gz
 a4d4fd8fde0441b0ddc44a87bd4c4ab262519e684660a307d9995774e25d53c2 130596 openvpn_2.3.4-5+deb8u2.debian.tar.xz
 b19c3656f6a04babf64c5d9279f3a1f7978a8bc13fe5d7baff8f81c07de235df 477340 openvpn_2.3.4-5+deb8u2_amd64.deb
Files:
 ad445bca715a8feff9c62f1d1b3e23ee 2072 net optional openvpn_2.3.4-5+deb8u2.dsc
 04d47237907faabe9d046970ffe44b2e 1191101 net optional openvpn_2.3.4.orig.tar.gz
 b7bb04530285ec110513602660f711e9 130596 net optional openvpn_2.3.4-5+deb8u2.debian.tar.xz
 a1851924fdc5db8f22e2f9e41f041f37 477340 net optional openvpn_2.3.4-5+deb8u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEU0fL2D4wqetNfUvyAJszdWuaqlUFAllRILkQHGFnaUBpbml0
dGFiLm9yZwAKCRAAmzN1a5qqVT+hD/9KfTrXtH2ai/Rvs1mCE7dDHqHkZpaE/ugi
NCpHQDqZD0fvUghpuS51QdPWkNtBbai+XFRj/XJiQOI4BqZJErTfYcGdkSOex8Aj
Os1RUTEia91gNA3HtMtH0veCdPmbpsVHpZOlxef3UJa655DLVWFffRkQZg+baBwQ
CS6rnnmJb2DPm/SRDx4a7zS1afI7jY5lG18FGVPg5vt/u+dMzB4aE0hKydKLyZ2+
Ovb2WtUTgchrXEPWuG46bYxoZmLuyHnbdo4sQf8M8bOMdPEIJOP+0ceCtaAusEkA
7MWFp+SnhP6YTufLUteqb+BLRBjtuGY7Xt9Et3x6LFkIcucqVxWzUMNNwKJAYa+1
0BV1O2TSMn5cnNC8JwFceTViT8ajSJS+clYsPyxMpqrtcXyievHCgO+BPnAv/yIx
3SFgwRayGbwQ8Hj7tjDycWH8Bb4XrP3vVZzqp5adNPpUTPCHfmsAmz8IWCFai/8k
xwMHxdmGRTFhEM7dZ+BGZOsr8H/w6ug2mTWdI8I5PZcykwBKMBuV1Rja/W2w+04T
CLK9z7q7S+RtaPCaGzijybSVxGR4ITg782BDJhwJe9gojvnDSSuBMvsdzDqa8QG7
XS1OtyKL+dNHj7yaExY6/ddhBVbFJ8B/KyhOXbKW5HcX3i8uUqxVSbfjgBG5xQKB
LUn+ze30EQ==
=A4Ji
-----END PGP SIGNATURE-----