[ubuntu/jammy-proposed] openvpn 2.5.9-0ubuntu0.22.04.2 (Accepted)
Lena Voytek
lena.voytek at canonical.com
Tue Nov 21 18:05:38 UTC 2023
openvpn (2.5.9-0ubuntu0.22.04.2) jammy; urgency=medium
* d/rules: Use --with-openssl-engine=yes during configuration to maintain the
existing behavior of technically allowing openssl engine access in jammy.
For more information see
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/2004676/comments/6
openvpn (2.5.9-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream release 2.5.9 (LP: #2004676):
- The version is being updated to the latest in 2.5.x rather than 2.6.x to
avoid feature releases and focus on bug fixes
- Updates:
+ Allow optional ciphers in --data-ciphers
- Bug Fixes Include:
+ Fix null pointer error when running openvpn --show-tls with mbedtls
+ Fix corner case that could lead to leaked file descriptor
+ Fix parsing issue in pull-filter when there are leading spaces
+ Fix possible buffer overflow in parse_line argument
+ See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
additional bug fixes and information
openvpn (2.5.8-0ubuntu0.22.04.1) jammy; urgency=medium
* New upstream releases 2.5.6-2.5.8 (LP: #2004676):
- The version is being updated to the latest in 2.5.x rather than 2.6.x to
avoid feature releases and focus on bug fixes
- Updates:
+ OpenSSL3 support
+ pkcs11-helper upgrade to 1.28.4
+ allow running a default configuration with TLS libraries without BF-CBC
- Bug Fixes Include:
+ CVE-2022-0547
+ Fix potential memory leaks in add_route() and add_route_ipv6()
+ Fix PATH_MAX build failure in auth-pam.c
+ Fix using --auth-token together with --management-client-auth
+ Fix clearing of username+password when using --auth-nocache
+ See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
additional bug fixes and information
* Remove patches fixed upstream:
- d/p/CVE-2022-0547.patch
[Included in upstream release 2.5.6]
- d/p/openssl-3/0001-Add-insecure-tls-cert-profile-options.patch
- d/p/openssl-3/0002-Refactor-early-initialisation-and-uninitialisation-
into-methods.patch
- d/p/openssl-3/0003-Allow-loading-of-non-default-providers.patch
- d/p/openssl-3/0004-Fix-allowing-showing-unsupported-ciphers-digests.patch
- d/p/openssl-3/0005-Add-message-when-decoding-PKCS12-file-fails.patch
- d/p/openssl-3/0006-Translate-OpenSSL-3.0-digest-names-to-OpenSSL-1.1-
digest-names.patch
[Included in upstream release 2.5.7]
- d/p/openssl-3/0007-Allow-running-a-default-configuration-with-TLS-
libraries-without-BF-CBC.patch
- d/p/match-manpage-and-command-help.patch
[Included in upstream release 2.5.8]
Date: Fri, 29 Sep 2023 16:14:48 -0700
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openvpn/2.5.9-0ubuntu0.22.04.2
-------------- next part --------------
Format: 1.8
Date: Fri, 29 Sep 2023 16:14:48 -0700
Source: openvpn
Built-For-Profiles: noudeb
Architecture: source
Version: 2.5.9-0ubuntu0.22.04.2
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Launchpad-Bugs-Fixed: 2004676
Changes:
openvpn (2.5.9-0ubuntu0.22.04.2) jammy; urgency=medium
.
* d/rules: Use --with-openssl-engine=yes during configuration to maintain the
existing behavior of technically allowing openssl engine access in jammy.
For more information see
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/2004676/comments/6
.
openvpn (2.5.9-0ubuntu0.22.04.1) jammy; urgency=medium
.
* New upstream release 2.5.9 (LP: #2004676):
- The version is being updated to the latest in 2.5.x rather than 2.6.x to
avoid feature releases and focus on bug fixes
- Updates:
+ Allow optional ciphers in --data-ciphers
- Bug Fixes Include:
+ Fix null pointer error when running openvpn --show-tls with mbedtls
+ Fix corner case that could lead to leaked file descriptor
+ Fix parsing issue in pull-filter when there are leading spaces
+ Fix possible buffer overflow in parse_line argument
+ See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
additional bug fixes and information
.
openvpn (2.5.8-0ubuntu0.22.04.1) jammy; urgency=medium
.
* New upstream releases 2.5.6-2.5.8 (LP: #2004676):
- The version is being updated to the latest in 2.5.x rather than 2.6.x to
avoid feature releases and focus on bug fixes
- Updates:
+ OpenSSL3 support
+ pkcs11-helper upgrade to 1.28.4
+ allow running a default configuration with TLS libraries without BF-CBC
- Bug Fixes Include:
+ CVE-2022-0547
+ Fix potential memory leaks in add_route() and add_route_ipv6()
+ Fix PATH_MAX build failure in auth-pam.c
+ Fix using --auth-token together with --management-client-auth
+ Fix clearing of username+password when using --auth-nocache
+ See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25 for
additional bug fixes and information
* Remove patches fixed upstream:
- d/p/CVE-2022-0547.patch
[Included in upstream release 2.5.6]
- d/p/openssl-3/0001-Add-insecure-tls-cert-profile-options.patch
- d/p/openssl-3/0002-Refactor-early-initialisation-and-uninitialisation-
into-methods.patch
- d/p/openssl-3/0003-Allow-loading-of-non-default-providers.patch
- d/p/openssl-3/0004-Fix-allowing-showing-unsupported-ciphers-digests.patch
- d/p/openssl-3/0005-Add-message-when-decoding-PKCS12-file-fails.patch
- d/p/openssl-3/0006-Translate-OpenSSL-3.0-digest-names-to-OpenSSL-1.1-
digest-names.patch
[Included in upstream release 2.5.7]
- d/p/openssl-3/0007-Allow-running-a-default-configuration-with-TLS-
libraries-without-BF-CBC.patch
- d/p/match-manpage-and-command-help.patch
[Included in upstream release 2.5.8]
Checksums-Sha1:
f41fd1ccf8bf0fb916ae0c5d973c718b73c2a61e 2298 openvpn_2.5.9-0ubuntu0.22.04.2.dsc
aaea4f2aba173ae2a7d5599e78252778af277390 1840560 openvpn_2.5.9.orig.tar.gz
7d171b960f24b8bf32af0517c5da19ef5a31690f 65392 openvpn_2.5.9-0ubuntu0.22.04.2.debian.tar.xz
3534bcb6aab66230d84f89ef2ef1c1d1e9c614cc 8725 openvpn_2.5.9-0ubuntu0.22.04.2_source.buildinfo
Checksums-Sha256:
b3245b136f2b475206721be7a2af0f3e543a457bd98d73f5435214db0257f6a8 2298 openvpn_2.5.9-0ubuntu0.22.04.2.dsc
8794b7125998c68f30de654267a702b9581454ca1e7061511fcc5f99fea4bd32 1840560 openvpn_2.5.9.orig.tar.gz
3023855cbcedad8de67cee616387cfb868c498d8530a49797b6e7df607991077 65392 openvpn_2.5.9-0ubuntu0.22.04.2.debian.tar.xz
05d933a696b68a6cc1e7e19b9df6ef1127efea1dcff0d7a5604b971752165c56 8725 openvpn_2.5.9-0ubuntu0.22.04.2_source.buildinfo
Files:
3893da36980bf427f709ee9e372edcf1 2298 net optional openvpn_2.5.9-0ubuntu0.22.04.2.dsc
ef70ed036018b21403c921f72ff518af 1840560 net optional openvpn_2.5.9.orig.tar.gz
2e5e87efdf95ce6485b19bfbaeb15fe1 65392 net optional openvpn_2.5.9-0ubuntu0.22.04.2.debian.tar.xz
42e0bd76e0ecb71a9f9e384bdce30a04 8725 net optional openvpn_2.5.9-0ubuntu0.22.04.2_source.buildinfo
Original-Maintainer: Bernhard Schmidt <berni at debian.org>
Vcs-Git: https://git.launchpad.net/~lvoytek/ubuntu/+source/openvpn
Vcs-Git-Commit: 59bc5060a27cf09b38664f5f51a727997ae1d4ed
Vcs-Git-Ref: refs/heads/2.5.8-MRE-jammy-allow-openssl-engines
More information about the jammy-changes
mailing list