openvpn: update to 2.4.9

This is primarily a maintenance release with bugfixes and improvements.
This release also fixes a security issue (CVE-2020-11810) which allows
disrupting service of a freshly connected client that has not yet
negotiated session keys. The vulnerability cannot be used to
inject or steal VPN traffic.

Release announcement:
https://openvpn.net/community-downloads/#heading-13812
Full list of changes:
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.9

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry-picked from commit d7e98bd7c5)
This commit is contained in:
Magnus Kroken 2021-04-21 22:10:57 +02:00 committed by Hauke Mehrtens
parent f82ddf9024
commit a8beddcd34
3 changed files with 4 additions and 4 deletions

View File

@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openvpn PKG_NAME:=openvpn
PKG_VERSION:=2.4.8 PKG_VERSION:=2.4.9
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE_URL:=\ PKG_SOURCE_URL:=\
https://build.openvpn.net/downloads/releases/ \ https://build.openvpn.net/downloads/releases/ \
https://swupdate.openvpn.net/community/releases/ https://swupdate.openvpn.net/community/releases/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_HASH:=fb8ca66bb7807fff595fbdf2a0afd085c02a6aa47715c9aa3171002f9f1a3f91 PKG_HASH:=641f3add8694b2ccc39fd4fd92554e4f089ad16a8db6d2b473ec284839a5ebe2
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name> PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>

View File

@ -1,6 +1,6 @@
--- a/src/openvpn/ssl_mbedtls.c --- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c
@@ -1406,7 +1406,7 @@ const char * @@ -1415,7 +1415,7 @@ const char *
get_ssl_library_version(void) get_ssl_library_version(void)
{ {
static char mbedtls_version[30]; static char mbedtls_version[30];

View File

@ -47,7 +47,7 @@ Signed-off-by: Gert Doering <gert@greenie.muc.de>
#endif #endif
--- a/src/openvpn/ssl_openssl.c --- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c
@@ -1977,7 +1977,7 @@ get_highest_preference_tls_cipher(char * @@ -2008,7 +2008,7 @@ get_highest_preference_tls_cipher(char *
const char * const char *
get_ssl_library_version(void) get_ssl_library_version(void)
{ {