Overview Repositories Revisions Requests Users Attributes Meta

Revisions of openvpn

Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 544813 from Richard Brown's avatar Richard Brown (RBrownSUSE) (revision 129) 
Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
buildservice-autocommit accepted request 533032 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 128) 
baserev update by copy to link target
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 533031 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 127) 
- Do bound check in read_key before using values(CVE-2017-12166 bsc#1060877).
  [+ 0002-Fix-bounds-check-in-read_key.patch]
buildservice-autocommit accepted request 531163 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 126) 
baserev update by copy to link target
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 516148 from Sebastian Wagner's avatar Sebastian Wagner (sebix) (revision 125) 
remove empty wrong directory form filelist
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 505857 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 124) 
- Update to 2.4.3 (bsc#1045489)
    - Ignore auth-nocache for auth-user-pass if auth-token is pushed
    - crypto: Enable SHA256 fingerprint checking in --verify-hash
    - copyright: Update GPLv2 license texts
    - auth-token with auth-nocache fix broke --disable-crypto builds
    - OpenSSL: don't use direct access to the internal of X509
    - OpenSSL: don't use direct access to the internal of EVP_PKEY
    - OpenSSL: don't use direct access to the internal of RSA
    - OpenSSL: don't use direct access to the internal of DSA
    - OpenSSL: force meth->name as non-const when we free() it
    - OpenSSL: don't use direct access to the internal of EVP_MD_CTX
    - OpenSSL: don't use direct access to the internal of EVP_CIPHER_CTX
    - OpenSSL: don't use direct access to the internal of HMAC_CTX
    - Fix NCP behaviour on TLS reconnect.
    - Remove erroneous limitation on max number of args for --plugin
    - Fix edge case with clients failing to set up cipher on empty PUSH_REPLY.
    - Fix potential 1-byte overread in TCP option parsing.
    - Fix remotely-triggerable ASSERT() on malformed IPv6 packet.
    - Preparing for release v2.4.3 (ChangeLog, version.m4, Changes.rst)
    - refactor my_strupr
    - Fix 2 memory leaks in proxy authentication routine
    - Fix memory leak in add_option() for option 'connection'
    - Ensure option array p[] is always NULL-terminated
    - Fix a null-pointer dereference in establish_http_proxy_passthru()
    - Prevent two kinds of stack buffer OOB reads and a crash for invalid input data
    - Fix an unaligned access on OpenBSD/sparc64
    - Missing include for socket-flags TCP_NODELAY on OpenBSD
    - Make openvpn-plugin.h self-contained again.
    - Pass correct buffer size to GetModuleFileNameW()
    - Log the negotiated (NCP) cipher
buildservice-autocommit accepted request 504783 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 123) 
baserev update by copy to link target
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 504782 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 122) 
- use %{_tmpfilesdir} for tmpfiles.d/openvpn.conf (bsc#1044223)
buildservice-autocommit accepted request 501452 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 121) 
baserev update by copy to link target
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 501441 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 120) 
- cleanup the spec file
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 501439 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 119) 
- pkcs11-helper-devel >= 1.11 is needed for openvpn-2.4.2
Nirmoy Das's avatar Nirmoy Das (ndas) committed (revision 118) 
- Update tp 2.4.2
    - auth-token: Ensure tokens are always wiped on de-auth
    - Make --cipher/--auth none more explicit on the risks
    - Use SHA256 for the internal digest, instead of MD5
    - Deprecate --ns-cert-type
    - Deprecate --no-iv
    - Support --block-outside-dns on multiple tunnels
    - Limit --reneg-bytes to 64MB when using small block ciphers
    - Fix --tls-version-max in mbed TLS builds
  Details changelogs are avilable in 
  https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24
  [*0001-preform-deferred-authentication-in-the-background.patch
   *openvpn-2.3.x-fixed-multiple-low-severity-issues.patch
   *openvpn-fips140-2.3.2.patch]
Nirmoy Das's avatar Nirmoy Das (ndas) committed (revision 117)
buildservice-autocommit accepted request 492826 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 116) 
baserev update by copy to link target
Marius Tomaschewski's avatar Marius Tomaschewski (mtomaschewski) accepted request 489820 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 115) 
- Preform deferred authentication in the background to not
  cause main daemon processing delays when the underlying pam mechanism (e.g.
  ldap) needs longer to response (bsc#959511).
  [+ 0001-preform-deferred-authentication-in-the-background.patch]
- Added fix for possible heap overflow on read accessing getaddrinfo 
  result (bsc#959714).
  [+openvpn-2.3.9-Fix-heap-overflow-on-getaddrinfo-result.patch]
- Added a patch to fix multiple low severity issues (bsc#934237).
  [+openvpn-2.3.x-fixed-multiple-low-severity-issues.patch]
buildservice-autocommit accepted request 452118 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 114) 
baserev update by copy to link target
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 451851 from Marcus Rueckert's avatar Marcus Rueckert (darix) (revision 113) 
- silence warning about %{_rundir}/openvpn
  - for non systemd case: just package the %{_rundir}/openvpn in
    the package
  - for systemd case: call systemd-tmpfiles and own the dir as
    %ghost in the filelist

- refreshed patches to apply cleanly again
  openvpn-2.3-plugin-man.dif
  openvpn-fips140-2.3.2.patch

- update to 2.3.14
  - update year in copyright message
  - Document the --auth-token option
  - Repair topology subnet on FreeBSD 11
  - Repair topology subnet on OpenBSD
  - Drop recursively routed packets
  - Support --block-outside-dns on multiple tunnels
  - When parsing '--setenv opt xx ..' make sure a third parameter
    is present
  - Map restart signals from event loop to SIGTERM during
    exit-notification wait
  - Correctly state the default dhcp server address in man page
  - Clean up format_hex_ex()
- enabled pkcs11 support
buildservice-autocommit accepted request 449352 from Nirmoy Das's avatar Nirmoy Das (ndas) (revision 112) 
baserev update by copy to link target
Nirmoy Das's avatar Nirmoy Das (ndas) accepted request 443666 from Michael Ströder's avatar Michael Ströder (stroeder) (revision 111) 
- update to 2.3.13
- successfully tested as VPN client on TW x86_64
- please review FIPS patch update carefully
buildservice-autocommit accepted request 442517 from Marius Tomaschewski's avatar Marius Tomaschewski (mtomaschewski) (revision 110) 
baserev update by copy to link target
Displaying revisions 81 - 100 of 209
openSUSE Build Service is sponsored by
Places