[Buildroot] [PATCH] openvpn: security bump to version 2.4.3

Peter Korsgaard peter at korsgaard.com
Mon Jun 26 12:38:59 UTC 2017


>>>>> "Baruch" == Baruch Siach <baruch at tkos.co.il> writes:

 > Fixes:
 > CVE-2017-7508 - Remotely-triggerable ASSERT() on malformed IPv6 packet

 > CVE-2017-7520 - Pre-authentication remote crash/information disclosure for
 > clients

 > CVE-2017-7521 - Potential double-free in --x509-alt-username

 > CVE-2017-7521 - Remote-triggerable memory leaks

 > CVE-2017-7522 - Post-authentication remote DoS when using the --x509-track
 > option

 > Details at

 >   https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

 > Cc: Gustavo Zacarias <gustavo at zacarias.com.ar>
 > Signed-off-by: Baruch Siach <baruch at tkos.co.il>

Committed to 2017.02.x and 2017.05.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list