[ubuntu/groovy-proposed] openvpn 2.4.9-2ubuntu1 (Accepted)

Lucas Kanashiro lucas.kanashiro at canonical.com
Fri May 8 12:33:12 UTC 2020


openvpn (2.4.9-2ubuntu1) groovy; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - d/control: Demote easy-rsa to Suggests (universe package).
    - debian/openvpn at .service: Add '--script-security 2' similar to what
      got added to debian/openvpn.init.d ages ago (LP 1454725)
    - Allow MD5 for PRF in FIPS mode openssl.
  * Added changes:
    - d/tests: add two DEP-8 test cases
      + d/t/server-setup-with-static-key: test the OpenVPN server side setup
        using a static key.
      + d/t/server-setup-with-ca: test the OpenVPN server side setup using a
        CA built with easy-rsa.

openvpn (2.4.9-2) unstable; urgency=medium

  * Cherry-Pick upstream patch to fix ssl_do_config error with
    invalid OpenSSL system configuration (Closes: #958296)
    Thanks to Jonas Andradas for reporting and Arne Schwabe for debugging.
  * Use DEB_HOST_MULTIARCH for libraries (Closes: #958315)
  * Enable Salsa CI

openvpn (2.4.9-1) unstable; urgency=medium

  [ Jörg Frings-Fürst ]
  * New upstream release (Closes: #950610).
  * Refresh debian/patches/openvpn-pkcs11warn.patch.
  * Remove upstream applied fix-pkcs11-helper-hang.patch.
  * Add libp11-kit-dev to Build - Depends (Closes: #940727).
  * Add symlinks for plugins into /usr/lib/openvpn/ (Closes: #946348).
  * Declare compliance with Debian Policy 4.5.0 (No changes needed).
  * Switch to debhelper-compat:
    - debian/control: change to debhelper-compat (=12).
    - remove debian/compat.
  * debian/copyright:
    - Add year 2020 to debian/*.
    - Add year 2019 to *.
  * debian/control:
    - Add Rules-Requires-Root: No.

  [ Bernhard Schmidt ]
  * New upstream version 2.4.9
    - CVE-2020-11810
      illegal client float can break VPN session for other users

Date: Wed, 29 Apr 2020 15:35:56 -0300
Changed-By: Lucas Kanashiro <lucas.kanashiro at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openvpn/2.4.9-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 29 Apr 2020 15:35:56 -0300
Source: openvpn
Architecture: source
Version: 2.4.9-2ubuntu1
Distribution: groovy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lucas Kanashiro <lucas.kanashiro at canonical.com>
Closes: 940727 946348 950610 958296 958315
Changes:
 openvpn (2.4.9-2ubuntu1) groovy; urgency=medium
 .
   * Merge with Debian unstable. Remaining changes:
     - d/control: Demote easy-rsa to Suggests (universe package).
     - debian/openvpn at .service: Add '--script-security 2' similar to what
       got added to debian/openvpn.init.d ages ago (LP 1454725)
     - Allow MD5 for PRF in FIPS mode openssl.
   * Added changes:
     - d/tests: add two DEP-8 test cases
       + d/t/server-setup-with-static-key: test the OpenVPN server side setup
         using a static key.
       + d/t/server-setup-with-ca: test the OpenVPN server side setup using a
         CA built with easy-rsa.
 .
 openvpn (2.4.9-2) unstable; urgency=medium
 .
   * Cherry-Pick upstream patch to fix ssl_do_config error with
     invalid OpenSSL system configuration (Closes: #958296)
     Thanks to Jonas Andradas for reporting and Arne Schwabe for debugging.
   * Use DEB_HOST_MULTIARCH for libraries (Closes: #958315)
   * Enable Salsa CI
 .
 openvpn (2.4.9-1) unstable; urgency=medium
 .
   [ Jörg Frings-Fürst ]
   * New upstream release (Closes: #950610).
   * Refresh debian/patches/openvpn-pkcs11warn.patch.
   * Remove upstream applied fix-pkcs11-helper-hang.patch.
   * Add libp11-kit-dev to Build - Depends (Closes: #940727).
   * Add symlinks for plugins into /usr/lib/openvpn/ (Closes: #946348).
   * Declare compliance with Debian Policy 4.5.0 (No changes needed).
   * Switch to debhelper-compat:
     - debian/control: change to debhelper-compat (=12).
     - remove debian/compat.
   * debian/copyright:
     - Add year 2020 to debian/*.
     - Add year 2019 to *.
   * debian/control:
     - Add Rules-Requires-Root: No.
 .
   [ Bernhard Schmidt ]
   * New upstream version 2.4.9
     - CVE-2020-11810
       illegal client float can break VPN session for other users
Checksums-Sha1:
 66f22bde3b50a1244906d9be1fa5da3efba9feae 2269 openvpn_2.4.9-2ubuntu1.dsc
 60adab3955438d64cf7461ed8a6bb07babfd0e3c 954264 openvpn_2.4.9.orig.tar.xz
 14c113bfbd5ce941fa4ad3e87bb955481c643e33 63356 openvpn_2.4.9-2ubuntu1.debian.tar.xz
 b7dc2a79d9d1348daa186fff1a94778f54439ccc 6131 openvpn_2.4.9-2ubuntu1_source.buildinfo
Checksums-Sha256:
 86ee036af4fd9e662a12eb6952029a277f3af2f2c1e1c0cc386b11b25b409ee1 2269 openvpn_2.4.9-2ubuntu1.dsc
 641f3add8694b2ccc39fd4fd92554e4f089ad16a8db6d2b473ec284839a5ebe2 954264 openvpn_2.4.9.orig.tar.xz
 2c60a2394c62036204f02c018a378fbca7ea51838d46ce0ece53c81b64753572 63356 openvpn_2.4.9-2ubuntu1.debian.tar.xz
 b8910675c5d0e13d735a8036f857c01a87a2bbfd11526c3e51ca6ba1fa741a5e 6131 openvpn_2.4.9-2ubuntu1_source.buildinfo
Files:
 a2c4dd7a750d14289a7115072701e248 2269 net optional openvpn_2.4.9-2ubuntu1.dsc
 446df6dc29364d00929ea9c725412cb8 954264 net optional openvpn_2.4.9.orig.tar.xz
 33086d8d08bd5f7d8b00a9ae157408f7 63356 net optional openvpn_2.4.9-2ubuntu1.debian.tar.xz
 1ecff628b027880f02fc258e48170634 6131 net optional openvpn_2.4.9-2ubuntu1_source.buildinfo
Original-Maintainer: Bernhard Schmidt <berni at debian.org>

-----BEGIN PGP SIGNATURE-----

iQJSBAEBCAA8FiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAl61UPEeHGx1Y2FzLmth
bmFzaGlyb0BjYW5vbmljYWwuY29tAAoJEPgjonKYg8l8AuEP/0uxKwYW9Rk/oVNV
bqk/L/YgjPPc9UJCBzvBozu7Pxxb67Zvb6QHwaLsThPHAJ7krMRlz3XbSkTGpXbU
Byq7jwRYgEtZwK98kLuvZu4CasblUjXZ2CkKcIloBBqfW6AQr5c9pxrkVVsnSm5q
7Vqa2NhVPQQp9gOcpTsIN1WolXu/T7aYr1dyGFh3CMOZGDcZMAvkt6QFzXs2VIjN
Fa9prTWMBSJ7NcjRtDPmAS/uOmgBHfF26acObK2FhoLudTshwd4w3MrxZ/jzexM9
RacwJvuezsOYEr/KaMoaqL+AD9r/PO3qVoH6BZyvD9NYX8dn8ZcwrC+UL2a2T2ee
iEN5oqq+ZaJWgEiuOrewaqFxrJZ205RFupPiZNcmKPmfjXV9zxQ3O9afIYDKv5Kl
lbJSDi92f2LGgHKVUjdlmgsnh/DlEbmJeGphmugaBSzcFUCqnnp3++uPCG7GeCk5
tT6REi7N2jFBX0ObdQLmTWf83TSGpSI5ikLt0My8UpVkPzPt5SjDznajOBtvy25T
0x3vLzttoUTa5K7HfN77Vz/T9UNwH2/fYWqG1vpCx1omPQ1mPyUPpdYD8i+vm4+5
LrQnDEiko1r1QYiYApzwp1B83oh/EPOPhV8OxPWz7/ZAhYoLNNFOzwb9leAMrt8j
D5sAVEqG/Inm+YwNNxosoxqd6ok5
=8At8
-----END PGP SIGNATURE-----


More information about the Groovy-changes mailing list