pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net
Module Name: pkgsrc
Committed By: wiz
Date: Mon Oct 2 15:54:24 UTC 2017
Modified Files:
pkgsrc/net/openvpn: Makefile.common PLIST distinfo
pkgsrc/net/openvpn-acct-wtmpx: distinfo
pkgsrc/net/openvpn-nagios: distinfo
Log Message:
openvpn: update to 2.4.4
Version 2.4.4
=============
This is primarily a maintenance release, with further improved OpenSSL 1.1
integration, several minor bug fixes and other minor improvements.
Bug fixes
---------
- Fix issues when a pushed cipher via the Negotiable Crypto Parameters (NCP) is
rejected by the remote side
- Ignore ``--keysize`` when NCP have resulted in a changed cipher.
- Configurations using ``--auth-nocache`` and the management interface to provide
user credentials (like NetworkManager on Linux) on client side with servers
implementing authentication tokens (for example, using ``--auth-gen-token``)
will now behave correctly and not query the user for an, to them, unknown
authentication token on renegotiations of the tunnel.
- Fix bug causing invalid or corrupt SOCKS port number when changing the
proxy via the management interface.
- The man page should now have proper escaping of hyphens/minus characters
and have seen some minor corrections.
User-visible Changes
--------------------
- Linux servers with systemd which uses the ``openvpn-server@.service`` unit
file for server configurations will now utilize the automatic restart feature
in systemd. If the OpenVPN server process dies unexpectedly, systemd will
ensure the OpenVPN configuration will be restarted without any user interaction.
Deprecated features
-------------------
- ``--no-replay`` is deprecated and will be removed in OpenVPN 2.5.
- ``--keysize`` is deprecated in OpenVPN 2.4 and will be removed in v2.6
Security
--------
- CVE-2017-12166: Fix bounds check for configurations using ``--key-method 1``.
Before this fix, it could allow an attacker to send a malformed packet to
trigger a stack overflow. This is considered to be a low risk issue, as
``--key-method 2`` has been the default since OpenVPN 2.0 (released on
2005-04-17). This option is already deprecated in v2.4 and will be
completely removed in v2.5.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/openvpn/Makefile.common
cvs rdiff -u -r1.19 -r1.20 pkgsrc/net/openvpn/PLIST
cvs rdiff -u -r1.38 -r1.39 pkgsrc/net/openvpn/distinfo
cvs rdiff -u -r1.16 -r1.17 pkgsrc/net/openvpn-acct-wtmpx/distinfo
cvs rdiff -u -r1.13 -r1.14 pkgsrc/net/openvpn-nagios/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/net/openvpn/Makefile.common
diff -u pkgsrc/net/openvpn/Makefile.common:1.11 pkgsrc/net/openvpn/Makefile.common:1.12
--- pkgsrc/net/openvpn/Makefile.common:1.11 Sat Jul 1 22:12:53 2017
+++ pkgsrc/net/openvpn/Makefile.common Mon Oct 2 15:54:23 2017
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile.common,v 1.11 2017/07/01 22:12:53 joerg Exp $
+# $NetBSD: Makefile.common,v 1.12 2017/10/02 15:54:23 wiz Exp $
# used by net/openvpn/Makefile
# used by net/openvpn-acct-wtmpx/Makefile
# used by net/openvpn-nagios/Makefile
-OPENVPN_DISTNAME= openvpn-2.4.3
+OPENVPN_DISTNAME= openvpn-2.4.4
# Remove DIST_SUBDIR on next update, update distinfo of depending packages
DIST_SUBDIR= openvpn
OPENVPN_DISTFILE= ${OPENVPN_DISTNAME}.tar.xz
Index: pkgsrc/net/openvpn/PLIST
diff -u pkgsrc/net/openvpn/PLIST:1.19 pkgsrc/net/openvpn/PLIST:1.20
--- pkgsrc/net/openvpn/PLIST:1.19 Wed May 24 20:35:12 2017
+++ pkgsrc/net/openvpn/PLIST Mon Oct 2 15:54:23 2017
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.19 2017/05/24 20:35:12 adam Exp $
+@comment $NetBSD: PLIST,v 1.20 2017/10/02 15:54:23 wiz Exp $
include/openvpn-msg.h
include/openvpn-plugin.h
${PLIST.pam}lib/openvpn/plugins/openvpn-plugin-auth-pam.la
@@ -12,7 +12,7 @@ share/doc/openvpn/README
share/doc/openvpn/README.IPv6
${PLIST.pam}share/doc/openvpn/README.auth-pam
share/doc/openvpn/README.down-root
-share/doc/openvpn/README.polarssl
+share/doc/openvpn/README.mbedtls
share/doc/openvpn/management-notes.txt
share/examples/openvpn/config/README
share/examples/openvpn/config/client.conf
Index: pkgsrc/net/openvpn/distinfo
diff -u pkgsrc/net/openvpn/distinfo:1.38 pkgsrc/net/openvpn/distinfo:1.39
--- pkgsrc/net/openvpn/distinfo:1.38 Mon Jun 26 07:21:21 2017
+++ pkgsrc/net/openvpn/distinfo Mon Oct 2 15:54:23 2017
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.38 2017/06/26 07:21:21 adam Exp $
+$NetBSD: distinfo,v 1.39 2017/10/02 15:54:23 wiz Exp $
-SHA1 (openvpn/openvpn-2.4.3.tar.xz) = b3adaf06225c13ab55b88a0edd3df71278860c20
-RMD160 (openvpn/openvpn-2.4.3.tar.xz) = 110f2879222c6a0a076af10fbce4deff2a0ff4b0
-SHA512 (openvpn/openvpn-2.4.3.tar.xz) = b92ec769f672fa7c7a70985535754c566891f94774e4bc3aeb2141b3c168783aebeb82341635d3708978dd3254708221e2ddaae9919d4cf398318fff7d01c926
-Size (openvpn/openvpn-2.4.3.tar.xz) = 938440 bytes
+SHA1 (openvpn/openvpn-2.4.4.tar.xz) = 23f614a2087ad0136a836537ecfd47af09f27276
+RMD160 (openvpn/openvpn-2.4.4.tar.xz) = 945ef4521dcbaf0bc03964fa6d62583af5d87d92
+SHA512 (openvpn/openvpn-2.4.4.tar.xz) = c171d1243ab739310247f076483592758e71f810f7b29b507d3a67b86b3b87e1e854d240d25a3428a7b31b7cf2958ad17987d32151da6ed7ec27d698837d3273
+Size (openvpn/openvpn-2.4.4.tar.xz) = 924172 bytes
SHA1 (patch-configure) = 240342a88baed7642dfd63ed0a2ab4c0a75adbd4
SHA1 (patch-src_compat_compat-basename.c) = 45a58ef2e05f6e0265f229da8540760e60e65143
Index: pkgsrc/net/openvpn-acct-wtmpx/distinfo
diff -u pkgsrc/net/openvpn-acct-wtmpx/distinfo:1.16 pkgsrc/net/openvpn-acct-wtmpx/distinfo:1.17
--- pkgsrc/net/openvpn-acct-wtmpx/distinfo:1.16 Sat Jul 1 22:12:53 2017
+++ pkgsrc/net/openvpn-acct-wtmpx/distinfo Mon Oct 2 15:54:23 2017
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.16 2017/07/01 22:12:53 joerg Exp $
+$NetBSD: distinfo,v 1.17 2017/10/02 15:54:23 wiz Exp $
+SHA1 (openvpn/openvpn-2.4.4.tar.xz) = 23f614a2087ad0136a836537ecfd47af09f27276
+RMD160 (openvpn/openvpn-2.4.4.tar.xz) = 945ef4521dcbaf0bc03964fa6d62583af5d87d92
+SHA512 (openvpn/openvpn-2.4.4.tar.xz) = c171d1243ab739310247f076483592758e71f810f7b29b507d3a67b86b3b87e1e854d240d25a3428a7b31b7cf2958ad17987d32151da6ed7ec27d698837d3273
+Size (openvpn/openvpn-2.4.4.tar.xz) = 924172 bytes
SHA1 (openvpn/openvpn-acct-wtmpx-20130210.tgz) = cf7bc26b12a65493cdf5db93b03bbb938a2f0f33
RMD160 (openvpn/openvpn-acct-wtmpx-20130210.tgz) = d9000789f04606bfa17db1597a45a4235b1119ea
SHA512 (openvpn/openvpn-acct-wtmpx-20130210.tgz) = 7b8fd4929e65d8d84158f62e5a17ff3adb3b4a6cff63b29038acfb368750719f2f593786ed9b02402824c19d872b188d2a46740a5c5f853e8873a71481b13aaf
Size (openvpn/openvpn-acct-wtmpx-20130210.tgz) = 2778 bytes
-SHA1 (openvpn/openvpn-2.4.3.tar.xz) = b3adaf06225c13ab55b88a0edd3df71278860c20
-RMD160 (openvpn/openvpn-2.4.3.tar.xz) = 110f2879222c6a0a076af10fbce4deff2a0ff4b0
-SHA512 (openvpn/openvpn-2.4.3.tar.xz) = b92ec769f672fa7c7a70985535754c566891f94774e4bc3aeb2141b3c168783aebeb82341635d3708978dd3254708221e2ddaae9919d4cf398318fff7d01c926
-Size (openvpn/openvpn-2.4.3.tar.xz) = 938440 bytes
SHA1 (patch-Makefile) = 4ed829df8d43a6e6b9b0242c749630079a41f5e4
Index: pkgsrc/net/openvpn-nagios/distinfo
diff -u pkgsrc/net/openvpn-nagios/distinfo:1.13 pkgsrc/net/openvpn-nagios/distinfo:1.14
--- pkgsrc/net/openvpn-nagios/distinfo:1.13 Sat Jul 1 22:12:53 2017
+++ pkgsrc/net/openvpn-nagios/distinfo Mon Oct 2 15:54:24 2017
@@ -1,12 +1,12 @@
-$NetBSD: distinfo,v 1.13 2017/07/01 22:12:53 joerg Exp $
+$NetBSD: distinfo,v 1.14 2017/10/02 15:54:24 wiz Exp $
+SHA1 (openvpn/openvpn-2.4.4.tar.xz) = 23f614a2087ad0136a836537ecfd47af09f27276
+RMD160 (openvpn/openvpn-2.4.4.tar.xz) = 945ef4521dcbaf0bc03964fa6d62583af5d87d92
+SHA512 (openvpn/openvpn-2.4.4.tar.xz) = c171d1243ab739310247f076483592758e71f810f7b29b507d3a67b86b3b87e1e854d240d25a3428a7b31b7cf2958ad17987d32151da6ed7ec27d698837d3273
+Size (openvpn/openvpn-2.4.4.tar.xz) = 924172 bytes
SHA1 (openvpn/openvpn-nagios-20130210.tgz) = 8a0fd4e3eba27584aa53c5589c13d4b38af43ba2
RMD160 (openvpn/openvpn-nagios-20130210.tgz) = 2a47893ec2db2c280adc7b9fbbea97794ec1a6f4
SHA512 (openvpn/openvpn-nagios-20130210.tgz) = 80e565f32379c39eb6c7f3b4744af221ae882ff07dce9dae5bd7feb73b0edcfc7c7ac7f70d23fdcd4f492b66f095f09833deb122449840b36ea606ce91900358
Size (openvpn/openvpn-nagios-20130210.tgz) = 3034 bytes
-SHA1 (openvpn/openvpn-2.4.3.tar.xz) = b3adaf06225c13ab55b88a0edd3df71278860c20
-RMD160 (openvpn/openvpn-2.4.3.tar.xz) = 110f2879222c6a0a076af10fbce4deff2a0ff4b0
-SHA512 (openvpn/openvpn-2.4.3.tar.xz) = b92ec769f672fa7c7a70985535754c566891f94774e4bc3aeb2141b3c168783aebeb82341635d3708978dd3254708221e2ddaae9919d4cf398318fff7d01c926
-Size (openvpn/openvpn-2.4.3.tar.xz) = 938440 bytes
SHA1 (patch-Makefile) = accc6a2a49530a504897451f2a2f45c528b7b131
SHA1 (patch-openvpn-nagios.c) = 36e9ee6e652051b3b047710666998052bef637db
Home |
Main Index |
Thread Index |
Old Index