git: dc23bad4bef9 - 2025Q4 - security/openvpn-devel: upgrade port to git commit d6ee27b4ff (2.7_rc2, 2025-11-17)
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 17 Nov 2025 22:27:28 UTC
The branch 2025Q4 has been updated by mandree:
URL: https://cgit.FreeBSD.org/ports/commit/?id=dc23bad4bef90455df9fdbf398a43b5f90b66a8a
commit dc23bad4bef90455df9fdbf398a43b5f90b66a8a
Author: Gert Doering <gert@greenie.muc.de>
AuthorDate: 2025-11-17 21:35:25 +0000
Commit: Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2025-11-17 22:14:14 +0000
security/openvpn-devel: upgrade port to git commit d6ee27b4ff (2.7_rc2, 2025-11-17)
This commit brings the port to "openvpn 2.7_rc2"
Changes of interest for FreeBSD:
- IPv6 address parsing: fix buffer overread on invalid input
(CVE-2025-12106)
- HMAC verification check: fix incorrect memcmp() call
(CVE-2025-13086)
- even more type conversion related warnings have been fixed
- DCO FreeBSD improvements:
improving debug messages (verb 6)
implement client-side counter handling
repair --inactive (and document shortcomings)
repair handling of DCO disconnection notifications in --client mode
- improve cmocka unit test assert() handling
- PUSH_UPDATE server: fix reporting of client IPs in ``status`` output
after pushing a new IPv4/IPv6 address to client
- AEAD cipher safety margins: fix calculation of AEAD blocks in use
(old code would undercount blocks)
- fix invalid pointer creation / memory overread in tls_pre_decrypt
- deprecate ``--opt-verify`` (change into no-op + warning)
-- additions by mandree@ --
Security: 50a0c266-c3ff-11f0-b513-0da7be77c170
Security: CVE-2025-12106
Security: 17a40d76-c3fd-11f0-b513-0da7be77c170
Security: CVE-2025-13086
MFH: 2025Q4
(cherry picked from commit 29388509d66aa002f0b88c76f91df2b31e070ba7)
---
security/openvpn-devel/Makefile | 4 ++--
security/openvpn-devel/distinfo | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/security/openvpn-devel/Makefile b/security/openvpn-devel/Makefile
index 3f24ec986421..1fa17d217cc5 100644
--- a/security/openvpn-devel/Makefile
+++ b/security/openvpn-devel/Makefile
@@ -1,5 +1,5 @@
PORTNAME= openvpn
-DISTVERSION= g20251031
+DISTVERSION= g20251117
PORTREVISION= 0 # leave in even if 0 to avoid accidental PORTEPOCH bumps
PORTEPOCH= 1
CATEGORIES= security net net-vpn
@@ -21,7 +21,7 @@ LIB_DEPENDS+= liblzo2.so:archivers/lzo2
USES= autoreconf cpe libtool pkgconfig python:build shebangfix tar:xz
IGNORE_SSL= libressl libressl-devel
USE_GITLAB= yes
-GL_TAGNAME= 4281449ba4db2de57375aa7087ef5920aeba10de
+GL_TAGNAME= d6ee27b4ff31e4469d699f3bfd7b9998ab167230
USE_RC_SUBR= openvpn
SHEBANG_FILES= sample/sample-scripts/auth-pam.pl \
diff --git a/security/openvpn-devel/distinfo b/security/openvpn-devel/distinfo
index d9cc4a7e963d..6d2c15323da2 100644
--- a/security/openvpn-devel/distinfo
+++ b/security/openvpn-devel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1761983634
-SHA256 (openvpn-openvpn-4281449ba4db2de57375aa7087ef5920aeba10de_GL0.tar.gz) = 2e50b77994c1e589f86d772bd5f4a5d2e2f999b614e268b73c4672153e3028ae
-SIZE (openvpn-openvpn-4281449ba4db2de57375aa7087ef5920aeba10de_GL0.tar.gz) = 1343555
+TIMESTAMP = 1763394774
+SHA256 (openvpn-openvpn-d6ee27b4ff31e4469d699f3bfd7b9998ab167230_GL0.tar.gz) = 8f57323446853027ed6140521b8485aff100d5858877083059dfaed64ff92edb
+SIZE (openvpn-openvpn-d6ee27b4ff31e4469d699f3bfd7b9998ab167230_GL0.tar.gz) = 1347484