[PATCH] openvpn: Update to version 2.6.16

[Adolf Belka]

- Update from version 2.6.15 to 2.6.16
- No change to rootfile
- Changelog
    2.6.16
        Security fixes:
            CVE-2025-13086: Fix memcmp check for the hmac verification in the 
3way
                handshake. This bug renders the HMAC based protection against 
state
                exhaustion on receiving spoofed TLS handshake packets in the 
OpenVPN
                server inefficient.
        Bug fixes:
            fix invalid pointer creation in tls_pre_decrypt() - technically 
this is a
                memory over-read issue, in practice, the compilers optimize it 
away so
                no negative effects could be observed.
            Windows: in the interactive service, fix the "undo DNS config" 
handling.
            Windows: in the interactive service, disallow using of "stdin" for 
the
                config file, unless the caller is authorized OpenVPN 
Administrator
            Windows: in the interactive service, change all netsh calls to use
                interface index and not interface name - sidesteps all possible 
attack
                avenues with special characters in interface names.
            Windows: in the interactive service, improve error handling in some
                "unlikely to happen" paths.
            auth plugin/script handling: properly check for errors in creation 
on
                $auth_failed_reason_file (arf).
            for incoming TCP connections, close-on-exec option was applied to 
the wrong
                socket fd, leaking socket FDs to child processes.
            sitnl: set close-on-exec flag on netlink socket
            ssl_mbedtls: fix missing perf_pop() call (optional performance 
profiling)
        Windows MSI changes since 2.6.15-I001:
            Built against OpenSSL 3.6.0
            Included openvpn-gui updated to 11.58.0.0
                Check the return value of GetProp()
                Make config path check similar to that in interactive service
                Escape the type id of password message received from openvpn
                Add a message source for event logging
                Check correct management daemon path when OpenVPN3 is enabled
                Fix OpenVPN3 radio button label size when OVPN3 is enabled
                Use GetTempPath() for debug file in plap as well
                Migrate all saved plain usernames to encrypted format
            Included win-dco driver updated to 2.8.0

Signed-off-by: Adolf Belka <adolf.be...@ipfire.org>
---
 lfs/openvpn | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lfs/openvpn b/lfs/openvpn
index 152e25f63..9252c44f8 100644
--- a/lfs/openvpn
+++ b/lfs/openvpn
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2.6.15
+VER        = 2.6.16
 
 THISAPP    = openvpn-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 
d77f8d67bffeb7cdd6fe9b3892add3b62001d7e01d5f9b0703f57a5a5a19c58a9dfb5e86b6ba1acad743c39af1d965b2180d6a5fabd32d40cddf4b13f3d91b46
+$(DL_FILE)_BLAKE2 = 
d4219d5974ecb0d73b865f436ed5a57874dee7295446a10d47354024564a25098ea2210f3356f3938fd24fb99c2310797bb70936ad5423eafad7cbacc94c71c5
 
 install : $(TARGET)
 
-- 
2.51.2