[ubuntu/precise-security] openvpn 2.2.1-8ubuntu1.5 (Accepted)
Steve Langasek
steve.langasek at canonical.com
Mon May 3 12:52:52 UTC 2021
openvpn (2.2.1-8ubuntu1.5) precise-security; urgency=medium
* SECURITY UPDATE: Pre-authentication remote crash/information disclosure
for clients
- debian/patches/CVE-2017-7520.patch: prevent two kinds of stack buffer
OOB reads and a crash for invalid input data in src/openvpn/ntlm.c.
- CVE-2017-7520
* SECURITY UPDATE: DoS in establish_http_proxy_passthru()
- debian/patches/establish_http_proxy_passthru_dos.patch: fix
null-pointer dereference in src/openvpn/proxy.c.
- NO CVE number
Date: 2017-08-02 19:27:16.879173+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/openvpn/2.2.1-8ubuntu1.5
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list