License-Update: Update copyright years to 2024 ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst
Security fixes: CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation. CVE-2024-24974: Windows: disallow access to the interactive service pipe from remote computers. CVE-2024-27903: Windows: disallow loading of plugins from untrusted installation paths, which could be used to attack openvpn.exe via a malicious plugin. Plugins can now only be loaded from the OpenVPN install directory, the Windows system directory, and possibly from a directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir. CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in !TapSharedSendPacket. Signed-off-by: Yi Zhao <yi.z...@windriver.com> --- .../openvpn/{openvpn_2.6.9.bb => openvpn_2.6.10.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-networking/recipes-support/openvpn/{openvpn_2.6.9.bb => openvpn_2.6.10.bb} (95%) diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb b/meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb similarity index 95% rename from meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb rename to meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb index 3af6b30a7..f8de78ff7 100644 --- a/meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb +++ b/meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb @@ -2,7 +2,7 @@ SUMMARY = "A full-featured SSL VPN solution via tun device." HOMEPAGE = "https://openvpn.net/" SECTION = "net" LICENSE = "GPL-2.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=4b34e946059f80dcfd811e8dd471b5ed" +LIC_FILES_CHKSUM = "file://COPYING;md5=89196bacc47ed37a5b242a535661a049" DEPENDS = "lzo lz4 openssl iproute2 libcap-ng ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" inherit autotools systemd update-rc.d pkgconfig @@ -14,7 +14,7 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" -SRC_URI[sha256sum] = "e08d147e15b4508dfcd1d6618a1f21f1495f9817a8dadc1eddf0532fa116d7e3" +SRC_URI[sha256sum] = "1993bbb7b9edb430626eaa24573f881fd3df642f427fcb824b1aed1fca1bcc9b" CVE_STATUS[CVE-2020-27569] = "not-applicable-config: Applies only Aviatrix OpenVPN client, not openvpn" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#109502): https://lists.openembedded.org/g/openembedded-devel/message/109502 Mute This Topic: https://lists.openembedded.org/mt/105063563/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-