[ubuntu/jammy-proposed] openvpn 2.5.8-0ubuntu0.22.04.1 (Accepted)
Lena Voytek
lena.voytek at canonical.com
Fri Apr 14 20:35:30 UTC 2023
openvpn (2.5.8-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream releases 2.5.6-2.5.8 (LP: #2004676):
- The version is being updated to the latest in 2.5.x rather than 2.6.x to
avoid feature releases and focus on bug fixes
- Updates:
+ OpenSSL3 support
+ pkcs11-helper upgrade to 1.28.4
+ allow running a default configuration with TLS libraries without BF-CBC
- Bug Fixes Include:
+ CVE-2022-0547
+ Fix potential memory leaks in add_route() and add_route_ipv6()
+ Fix PATH_MAX build failure in auth-pam.c
+ Fix using --auth-token together with --management-client-auth
+ Fix clearing of username+password when using --auth-nocache
+ See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
additional bug fixes and information
* Remove patches fixed upstream:
- d/p/CVE-2022-0547.patch
[Included in upstream release 2.5.6]
- d/p/openssl-3/0001-Add-insecure-tls-cert-profile-options.patch
- d/p/openssl-3/0002-Refactor-early-initialisation-and-uninitialisation-
into-methods.patch
- d/p/openssl-3/0003-Allow-loading-of-non-default-providers.patch
- d/p/openssl-3/0004-Fix-allowing-showing-unsupported-ciphers-digests.patch
- d/p/openssl-3/0005-Add-message-when-decoding-PKCS12-file-fails.patch
- d/p/openssl-3/0006-Translate-OpenSSL-3.0-digest-names-to-OpenSSL-1.1-
digest-names.patch
[Included in upstream release 2.5.7]
- d/p/openssl-3/0007-Allow-running-a-default-configuration-with-TLS-
libraries-without-BF-CBC.patch
- d/p/match-manpage-and-command-help.patch
[Included in upstream release 2.5.8]
Date: Fri, 03 Feb 2023 15:49:35 -0700
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openvpn/2.5.8-0ubuntu0.22.04.1
-------------- next part --------------
Format: 1.8
Date: Fri, 03 Feb 2023 15:49:35 -0700
Source: openvpn
Built-For-Profiles: noudeb
Architecture: source
Version: 2.5.8-0ubuntu0.22.04.1
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Launchpad-Bugs-Fixed: 2004676
Changes:
openvpn (2.5.8-0ubuntu0.22.04.1) jammy; urgency=medium
.
* New upstream releases 2.5.6-2.5.8 (LP: #2004676):
- The version is being updated to the latest in 2.5.x rather than 2.6.x to
avoid feature releases and focus on bug fixes
- Updates:
+ OpenSSL3 support
+ pkcs11-helper upgrade to 1.28.4
+ allow running a default configuration with TLS libraries without BF-CBC
- Bug Fixes Include:
+ CVE-2022-0547
+ Fix potential memory leaks in add_route() and add_route_ipv6()
+ Fix PATH_MAX build failure in auth-pam.c
+ Fix using --auth-token together with --management-client-auth
+ Fix clearing of username+password when using --auth-nocache
+ See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
additional bug fixes and information
* Remove patches fixed upstream:
- d/p/CVE-2022-0547.patch
[Included in upstream release 2.5.6]
- d/p/openssl-3/0001-Add-insecure-tls-cert-profile-options.patch
- d/p/openssl-3/0002-Refactor-early-initialisation-and-uninitialisation-
into-methods.patch
- d/p/openssl-3/0003-Allow-loading-of-non-default-providers.patch
- d/p/openssl-3/0004-Fix-allowing-showing-unsupported-ciphers-digests.patch
- d/p/openssl-3/0005-Add-message-when-decoding-PKCS12-file-fails.patch
- d/p/openssl-3/0006-Translate-OpenSSL-3.0-digest-names-to-OpenSSL-1.1-
digest-names.patch
[Included in upstream release 2.5.7]
- d/p/openssl-3/0007-Allow-running-a-default-configuration-with-TLS-
libraries-without-BF-CBC.patch
- d/p/match-manpage-and-command-help.patch
[Included in upstream release 2.5.8]
Checksums-Sha1:
d1c823104608ea0a6bfa4728b6c59a73740889b4 2298 openvpn_2.5.8-0ubuntu0.22.04.1.dsc
dfd472259d87acaef664edb498701a11ae1706c0 1875551 openvpn_2.5.8.orig.tar.gz
c3c576fb83aa71d0711189d6caee798027a63361 65132 openvpn_2.5.8-0ubuntu0.22.04.1.debian.tar.xz
9c46361ff11a395aebd556d64ac2db628abaa042 8626 openvpn_2.5.8-0ubuntu0.22.04.1_source.buildinfo
Checksums-Sha256:
fb7466e4ad8ab9f80f2b91b6fd1ac49bf42884e93f7988e49feb3bdadf3593b1 2298 openvpn_2.5.8-0ubuntu0.22.04.1.dsc
a6f315b7231d44527e65901ff646f87d7f07862c87f33531daa109fb48c53db2 1875551 openvpn_2.5.8.orig.tar.gz
bd8638e6081d07ecd6b073e377f136d4b582a95bea091da0e79889f2252f3718 65132 openvpn_2.5.8-0ubuntu0.22.04.1.debian.tar.xz
ef92668a7fa9d8727cb2898af4ca5a5e072cd1e23e56a26e7bfa2105f017fa0f 8626 openvpn_2.5.8-0ubuntu0.22.04.1_source.buildinfo
Files:
63ac9dca31c750f856d1cd3e06de7b74 2298 net optional openvpn_2.5.8-0ubuntu0.22.04.1.dsc
8c1181a2baaa25b36e4aa67161c2829e 1875551 net optional openvpn_2.5.8.orig.tar.gz
003211268f4c0ef0adec42d120b65416 65132 net optional openvpn_2.5.8-0ubuntu0.22.04.1.debian.tar.xz
210e34399013b0a66ca81aad931331c0 8626 net optional openvpn_2.5.8-0ubuntu0.22.04.1_source.buildinfo
Original-Maintainer: Bernhard Schmidt <berni at debian.org>
More information about the jammy-changes
mailing list