Accepted openvpn 2.6.3-1+deb12u2 (source) into proposed-updates
- To: debian-changes@lists.debian.org
- Subject: Accepted openvpn 2.6.3-1+deb12u2 (source) into proposed-updates
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Sat, 18 Nov 2023 13:32:43 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: openvpn_2.6.3-1+deb12u2_source.changes
- Debian-source: openvpn
- Debian-suite: proposed-updates
- Debian-version: 2.6.3-1+deb12u2
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=9n9mIki2TKLhm4hISrp1AYoP1XyMcMCjcaFDyUK7sF4=; b=jetrIW3dYtb8YCJAYdzxSeVZGG zStHSPWEZvA8jMVqQRW4B3EVcocthhxQEY7RqjkqP3mQjxtZlabLO+EVqkTX/Z/GR7w2R6gSbK1n3 Unc5t6VuWKN+wEM30/3ONrjeDzId7GtHOAtpMdVGKjRyDHKcNG4OuhQ91IWkEEVWi8S84gZdMaoGU h+JgfGwev9HpZWkmp8goU2UsY0TedWlLflZe+qiwtsDOE+dn0jBUFcUZ67LPucHSIfVeVPQ5WHMCO fEW+zCUeX4/29dVtHs/Gzo3cpiQH0rUyavQ2eQmydw5FwKkmZgaQig2qFR+y82hV+hT5AmkcIQYhw U1i/tYTQ==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1r4LRD-00HRZ5-Mk@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 11 Nov 2023 23:21:37 +0100
Source: openvpn
Architecture: source
Version: 2.6.3-1+deb12u2
Distribution: bookworm-security
Urgency: medium
Maintainer: Bernhard Schmidt <berni@debian.org>
Changed-By: Bernhard Schmidt <berni@debian.org>
Changes:
openvpn (2.6.3-1+deb12u2) bookworm-security; urgency=medium
.
* Cherry-Pick upstream fixes for two CVEs
- CVE-2023-46849: Use of --fragment option can lead to a division by zero
error which can be fatal
- CVE-2023-46850: Incorrect use of send buffer can cause memory to be sent
to peer
Checksums-Sha1:
5bc4d19238b46263b923ae47a8fe99f1ee739173 2236 openvpn_2.6.3-1+deb12u2.dsc
a94a914cccdc72980729054ae42c6862fcc1c7fc 1860557 openvpn_2.6.3.orig.tar.gz
c4925beb63c637aadcea803dc7aeb726677dadcf 61804 openvpn_2.6.3-1+deb12u2.debian.tar.xz
e043a854b0f47cf47bcb5a2d20fffb5293b33efb 7794 openvpn_2.6.3-1+deb12u2_amd64.buildinfo
Checksums-Sha256:
a0cac845f57e61c5affd6f0c8be699b32a8672f99f5f5e5c3cfbe2694562dd94 2236 openvpn_2.6.3-1+deb12u2.dsc
13b207a376d8880507c74ff78aabc3778a9da47c89f1e247dcee3c7237138ff6 1860557 openvpn_2.6.3.orig.tar.gz
189ca607fec5a5d6d5db8da617bd301f7a94f1fc3850b5d557907979c0eff2d7 61804 openvpn_2.6.3-1+deb12u2.debian.tar.xz
023ef346330da1727a4d1065206f104b92e9107b18acc5a64f8166fc997de293 7794 openvpn_2.6.3-1+deb12u2_amd64.buildinfo
Files:
c905070b777bf10f1b8f70ab9142145c 2236 net optional openvpn_2.6.3-1+deb12u2.dsc
477476a82ad0e606aa460460d640595c 1860557 net optional openvpn_2.6.3.orig.tar.gz
1e90688f6a70408ab40d3e0795dc0f96 61804 net optional openvpn_2.6.3-1+deb12u2.debian.tar.xz
01cde1b808484497e389a836ba287956 7794 net optional openvpn_2.6.3-1+deb12u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEE1uAexRal3873GVbTd1B55bhQvJMFAmVT2TMRHGJlcm5pQGRl
Ymlhbi5vcmcACgkQd1B55bhQvJOPXA/9Hp/sQXMkTvZ7EO6cGeJ6UPqUJadBM2aq
5qh76dEwgHumc/CmbS/OaBpMmBEjSKObSfBNhF/1zU7WgDoyyrdGrWJ0a3Mv3kHW
XLbLbBeSDs9tDhzkJNkaw/NCerditLecEB5vi1FEofITKp0Ilq3K8hnJHaYactNR
NyUE4lpcN0zhFZPfuO7W0jkbn5tGnOLc+LAjV7xRaZ14O9wZiHzwMD/yfmSZNCjH
HKFE6c0DezvHm3arpmaAmJyf2m3gIZK+55HhS29F7nRTuWOrden1S5ihejG1//C8
OZyH9+psGZdh24rWgh6M2NapqH0dlnQSui1H6IQBnC+kDRfziOV5QVhh4jHVtpcp
4p61T4eVkDuHXxJ2k562xBVwymjqkIDMNkrmPFd/SF+mhFm3SoxtPIUNmuHsJzR1
/JugZTxfSQndFTUwLxnzW2pyHowQT5gZHA73on0/v92j960+65N3lVZ1MsoubMtI
R0+3PUsIEELvo94a7C87Td4s9+GCBMvLBC4f/we5x8bUHqxzmrKaYrrC4rqjIlai
ZgBkctExEAbxXS+7lF7C7AwoexLxdADVaSS43cjVhvn+SeTveghEGhOxoDx/uAwE
AC8NlA2RwDzPhEv/NLO+97TzZqklQ9MKPfzRjbfU1liCn/8Ui/iYhrkWAQIm1QpP
GqVidslvVNE=
=dgQj
-----END PGP SIGNATURE-----