ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2025-02-21 09:42:09 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
45,860 Commits 9 Branches 80 Tags
Commit Graph

3 Commits

Author SHA1 Message Date
Magnus Kroken
7198ae4cf3 openvpn: update to 2.4.11 
Fixes two related security vulnerabilities (CVE-2020-15078) which under
very specific circumstances allow tricking a server using delayed
authentication (plugin or management) into returning a PUSH_REPLY before
the AUTH_FAILED message, which can possibly be used to gather
information about a VPN setup.

This release also includes other bug fixes and improvements.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
 2021-05-02 14:43:52 +02:00
Magnus Kroken
a8beddcd34 openvpn: update to 2.4.9 
This is primarily a maintenance release with bugfixes and improvements.
This release also fixes a security issue (CVE-2020-11810) which allows
disrupting service of a freshly connected client that has not yet
negotiated session keys. The vulnerability cannot be used to
inject or steal VPN traffic.

Release announcement:
https://openvpn.net/community-downloads/#heading-13812
Full list of changes:
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.9

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry-picked from commit d7e98bd7c5316f95cc11635371a39c6c0e18b9a7)
 2021-05-02 14:43:52 +02:00
Magnus Kroken
f82ddf9024 openvpn: update to 2.4.8 
Backport two upstream commits that allow building
openvpn-openssl without OpenSSLs deprecated APIs.

Full changelog:
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.8

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry-picked from commit bf43e5bbf91ca1a90df8dae3e2cce6bbb61d5cd9)
 2021-05-02 14:43:52 +02:00