git: 5f2c6fc6b905 - main - security/openvpn-devel: upgrade port to git commit 0fb5a00549 (2.7_beta2, 2025-09-25)

From: Matthias Andree <mandree_at_FreeBSD.org>
Date: Thu, 25 Sep 2025 23:35:23 UTC 
The branch main has been updated by mandree:

URL: https://cgit.FreeBSD.org/ports/commit/?id=5f2c6fc6b90582ad187be6c0387b059f2f0dfefb

commit 5f2c6fc6b90582ad187be6c0387b059f2f0dfefb
Author:     Gert Doering <gert@greenie.muc.de>
AuthorDate: 2025-09-25 09:17:32 +0000
Commit:     Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2025-09-25 23:34:59 +0000

    security/openvpn-devel: upgrade port to git commit 0fb5a00549 (2.7_beta2, 2025-09-25)
    
    This commit brings the port to "openvpn 2.7_beta2".
    
    Notable changes beta1 -> beta2 (relevant for FreeBSD) are:
       - even more of signed/unsigned related warnings have been fixed
       - #pragmas have been added to all to-be-fixed source files, so we can
         now always enable -Wconversion to see if new code brings new warnings
         (and the CI infra builds with -Werror)
       - add proper input sanitation to DNS strings to prevent an attack
         coming from a trusted-but-malicous OpenVPN server (CVE: 2025-10680,
         affects unixoid systems with --dns-updown scripts and windows using
         the built-in powershell call)
       - Switch test_ssl certificate from RSA 2048 to secp384r1
         (so "make check" runs with OpenSSL set to @SECLEVEL=3)
       - clean up MI prefix handling
       - replace all assert() calls with OpenVPN ASSERT()
    
    PR:             289838
    Security:       e5cf9f44-9a64-11f0-8241-93c889bb8de1
    Security:       CVE-2025-10680
    MFH:            2025Q3
---
 security/openvpn-devel/Makefile | 4 ++--
 security/openvpn-devel/distinfo | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/security/openvpn-devel/Makefile b/security/openvpn-devel/Makefile
index bc04c60e5f14..b97bf2df6c61 100644
--- a/security/openvpn-devel/Makefile
+++ b/security/openvpn-devel/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	openvpn
-DISTVERSION=	g20250905
+DISTVERSION=	g20250925
 PORTREVISION=	0  # leave in even if 0 to avoid accidental PORTEPOCH bumps
 PORTEPOCH=	1
 CATEGORIES=	security net net-vpn
@@ -21,7 +21,7 @@ LIB_DEPENDS+=	liblzo2.so:archivers/lzo2
 USES=		autoreconf cpe libtool pkgconfig python:build shebangfix tar:xz
 IGNORE_SSL=	libressl libressl-devel
 USE_GITLAB=	yes
-GL_TAGNAME=	1e7b9a0fb021f0a64e76369f4efd2001d50ef42b
+GL_TAGNAME=	0fb5a00549be6b065f9a4d61940ee06786d9fa61
 USE_RC_SUBR=	openvpn
 
 SHEBANG_FILES=	sample/sample-scripts/auth-pam.pl \
diff --git a/security/openvpn-devel/distinfo b/security/openvpn-devel/distinfo
index 5af62172f472..496559990a5d 100644
--- a/security/openvpn-devel/distinfo
+++ b/security/openvpn-devel/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1757057338
-SHA256 (openvpn-openvpn-1e7b9a0fb021f0a64e76369f4efd2001d50ef42b_GL0.tar.gz) = bbc283697162a50ea3a107c00f319216eba8ec0ba4b2ff4ea29ca85f92d60f3a
-SIZE (openvpn-openvpn-1e7b9a0fb021f0a64e76369f4efd2001d50ef42b_GL0.tar.gz) = 1333583
+TIMESTAMP = 1758791563
+SHA256 (openvpn-openvpn-0fb5a00549be6b065f9a4d61940ee06786d9fa61_GL0.tar.gz) = c9502407a96db677c9ea2665821a1f16042ed9853ce46c51db3e5064800a9a47
+SIZE (openvpn-openvpn-0fb5a00549be6b065f9a4d61940ee06786d9fa61_GL0.tar.gz) = 1338386