[ubuntu/jammy-proposed] openvpn 2.5.8-0ubuntu0.22.04.1 (Accepted)

Lena Voytek lena.voytek at canonical.com
Fri Apr 14 20:35:30 UTC 2023 

openvpn (2.5.8-0ubuntu0.22.04.1) jammy; urgency=medium

  * New upstream releases 2.5.6-2.5.8 (LP: #2004676):
    - The version is being updated to the latest in 2.5.x rather than 2.6.x to
      avoid feature releases and focus on bug fixes
    - Updates:
      + OpenSSL3 support
      + pkcs11-helper upgrade to 1.28.4
      + allow running a default configuration with TLS libraries without BF-CBC
    - Bug Fixes Include:
      + CVE-2022-0547
      + Fix potential memory leaks in add_route() and add_route_ipv6()
      + Fix PATH_MAX build failure in auth-pam.c
      + Fix using --auth-token together with --management-client-auth
      + Fix clearing of username+password when using --auth-nocache
      + See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
        additional bug fixes and information
  * Remove patches fixed upstream:
    - d/p/CVE-2022-0547.patch
      [Included in upstream release 2.5.6]
    - d/p/openssl-3/0001-Add-insecure-tls-cert-profile-options.patch
    - d/p/openssl-3/0002-Refactor-early-initialisation-and-uninitialisation-
      into-methods.patch
    - d/p/openssl-3/0003-Allow-loading-of-non-default-providers.patch
    - d/p/openssl-3/0004-Fix-allowing-showing-unsupported-ciphers-digests.patch
    - d/p/openssl-3/0005-Add-message-when-decoding-PKCS12-file-fails.patch
    - d/p/openssl-3/0006-Translate-OpenSSL-3.0-digest-names-to-OpenSSL-1.1-
      digest-names.patch
     [Included in upstream release 2.5.7]
    - d/p/openssl-3/0007-Allow-running-a-default-configuration-with-TLS-
      libraries-without-BF-CBC.patch
    - d/p/match-manpage-and-command-help.patch
      [Included in upstream release 2.5.8]

Date: Fri, 03 Feb 2023 15:49:35 -0700
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openvpn/2.5.8-0ubuntu0.22.04.1
-------------- next part --------------
Format: 1.8
Date: Fri, 03 Feb 2023 15:49:35 -0700
Source: openvpn
Built-For-Profiles: noudeb
Architecture: source
Version: 2.5.8-0ubuntu0.22.04.1
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Launchpad-Bugs-Fixed: 2004676
Changes:
 openvpn (2.5.8-0ubuntu0.22.04.1) jammy; urgency=medium
 .
   * New upstream releases 2.5.6-2.5.8 (LP: #2004676):
     - The version is being updated to the latest in 2.5.x rather than 2.6.x to
       avoid feature releases and focus on bug fixes
     - Updates:
       + OpenSSL3 support
       + pkcs11-helper upgrade to 1.28.4
       + allow running a default configuration with TLS libraries without BF-CBC
     - Bug Fixes Include:
       + CVE-2022-0547
       + Fix potential memory leaks in add_route() and add_route_ipv6()
       + Fix PATH_MAX build failure in auth-pam.c
       + Fix using --auth-token together with --management-client-auth
       + Fix clearing of username+password when using --auth-nocache
       + See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
         additional bug fixes and information
   * Remove patches fixed upstream:
     - d/p/CVE-2022-0547.patch
       [Included in upstream release 2.5.6]
     - d/p/openssl-3/0001-Add-insecure-tls-cert-profile-options.patch
     - d/p/openssl-3/0002-Refactor-early-initialisation-and-uninitialisation-
       into-methods.patch
     - d/p/openssl-3/0003-Allow-loading-of-non-default-providers.patch
     - d/p/openssl-3/0004-Fix-allowing-showing-unsupported-ciphers-digests.patch
     - d/p/openssl-3/0005-Add-message-when-decoding-PKCS12-file-fails.patch
     - d/p/openssl-3/0006-Translate-OpenSSL-3.0-digest-names-to-OpenSSL-1.1-
       digest-names.patch
      [Included in upstream release 2.5.7]
     - d/p/openssl-3/0007-Allow-running-a-default-configuration-with-TLS-
       libraries-without-BF-CBC.patch
     - d/p/match-manpage-and-command-help.patch
       [Included in upstream release 2.5.8]
Checksums-Sha1:
 d1c823104608ea0a6bfa4728b6c59a73740889b4 2298 openvpn_2.5.8-0ubuntu0.22.04.1.dsc
 dfd472259d87acaef664edb498701a11ae1706c0 1875551 openvpn_2.5.8.orig.tar.gz
 c3c576fb83aa71d0711189d6caee798027a63361 65132 openvpn_2.5.8-0ubuntu0.22.04.1.debian.tar.xz
 9c46361ff11a395aebd556d64ac2db628abaa042 8626 openvpn_2.5.8-0ubuntu0.22.04.1_source.buildinfo
Checksums-Sha256:
 fb7466e4ad8ab9f80f2b91b6fd1ac49bf42884e93f7988e49feb3bdadf3593b1 2298 openvpn_2.5.8-0ubuntu0.22.04.1.dsc
 a6f315b7231d44527e65901ff646f87d7f07862c87f33531daa109fb48c53db2 1875551 openvpn_2.5.8.orig.tar.gz
 bd8638e6081d07ecd6b073e377f136d4b582a95bea091da0e79889f2252f3718 65132 openvpn_2.5.8-0ubuntu0.22.04.1.debian.tar.xz
 ef92668a7fa9d8727cb2898af4ca5a5e072cd1e23e56a26e7bfa2105f017fa0f 8626 openvpn_2.5.8-0ubuntu0.22.04.1_source.buildinfo
Files:
 63ac9dca31c750f856d1cd3e06de7b74 2298 net optional openvpn_2.5.8-0ubuntu0.22.04.1.dsc
 8c1181a2baaa25b36e4aa67161c2829e 1875551 net optional openvpn_2.5.8.orig.tar.gz
 003211268f4c0ef0adec42d120b65416 65132 net optional openvpn_2.5.8-0ubuntu0.22.04.1.debian.tar.xz
 210e34399013b0a66ca81aad931331c0 8626 net optional openvpn_2.5.8-0ubuntu0.22.04.1_source.buildinfo
Original-Maintainer: Bernhard Schmidt <berni at debian.org>

More information about the jammy-changes mailing list