[Buildroot] [PATCH] openvpn: security bump to version 2.4.3
Peter Korsgaard
peter at korsgaard.com
Mon Jun 26 12:38:59 UTC 2017
>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:
> Fixes:
> CVE-2017-7508 - Remotely-triggerable ASSERT() on malformed IPv6 packet
> CVE-2017-7520 - Pre-authentication remote crash/information disclosure for
> clients
> CVE-2017-7521 - Potential double-free in --x509-alt-username
> CVE-2017-7521 - Remote-triggerable memory leaks
> CVE-2017-7522 - Post-authentication remote DoS when using the --x509-track
> option
> Details at
> https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
> Cc: Gustavo Zacarias <gustavo at zacarias.com.ar>
> Signed-off-by: Baruch Siach <baruch at tkos.co.il>
Committed to 2017.02.x and 2017.05.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list