svn commit: r444124 - branches/2017Q2/security/openvpn23
Matthias Andree
mandree at FreeBSD.org
Thu Jun 22 17:26:33 UTC 2017
Author: mandree
Date: Thu Jun 22 17:26:32 2017
New Revision: 444124
URL: https://svnweb.freebsd.org/changeset/ports/444124
Log:
OpenVPN security update to 2.3.17
OpenVPN v2.4.2 was analyzed closely using a fuzzer by Guido Vranken. In
the process several vulnerabilities were found, some of which are
remotely exploitable in certain circumstances, and the fixes have been
backported to v2.3.x.
Changelog:
<https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.17>
Security: 9f65d382-56a4-11e7-83e3-080027ef73ec
Security: CVE-2017-7508
Security: CVE-2017-7512
Security: CVE-2017-7520
Security: CVE-2017-7521
Security: CVE-2017-7522
Approved by: ports-secteam@ (delphij@)
Modified:
branches/2017Q2/security/openvpn23/Makefile
branches/2017Q2/security/openvpn23/distinfo
Modified: branches/2017Q2/security/openvpn23/Makefile
==============================================================================
--- branches/2017Q2/security/openvpn23/Makefile Thu Jun 22 17:24:42 2017 (r444123)
+++ branches/2017Q2/security/openvpn23/Makefile Thu Jun 22 17:26:32 2017 (r444124)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= openvpn
-DISTVERSION= 2.3.16
+DISTVERSION= 2.3.17
CATEGORIES= security net
MASTER_SITES= https://swupdate.openvpn.net/community/releases/ \
https://build.openvpn.net/downloads/releases/
@@ -12,7 +12,7 @@ MAINTAINER= mandree at FreeBSD.org
COMMENT?= Secure IP/Ethernet tunnel daemon
DEPRECATED= Replaced by new upstream release 2.4.x
-EXPIRATION_DATE= 2017-03-31
+EXPIRATION_DATE= 2017-06-30
LICENSE= GPLv2
@@ -63,8 +63,9 @@ OPENSSL_USES= ssl
OPENSSL_CONFIGURE_ON= --with-crypto-library=openssl
# Pin the libmbedtls version because the 2.3.x port can't work with .so.10 or
-# newer from the security/mbedtls package. Upstream works in progress
-# for OpenVPN 2.4 to use mbedTLS 2.X.
+# newer from the security/mbedtls package.
+# Recent upstream 2.4 versions can use mbedTLS 2.X, and there is a
+# corresponding port.
POLARSSL_LIB_DEPENDS= libmbedtls.so.9:security/polarssl13
POLARSSL_CONFIGURE_ON= --with-crypto-library=polarssl
Modified: branches/2017Q2/security/openvpn23/distinfo
==============================================================================
--- branches/2017Q2/security/openvpn23/distinfo Thu Jun 22 17:24:42 2017 (r444123)
+++ branches/2017Q2/security/openvpn23/distinfo Thu Jun 22 17:26:32 2017 (r444124)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1495220261
-SHA256 (openvpn-2.3.16.tar.xz) = efb4bd5450df7fc7b11143ee81a8fad8aaddeaefe645657c1eebb14a1377b475
-SIZE (openvpn-2.3.16.tar.xz) = 831428
+TIMESTAMP = 1498151556
+SHA256 (openvpn-2.3.17.tar.xz) = d300029416b045666f2dc957bdde407ba97894428b5ad8433df789e793ccc1d3
+SIZE (openvpn-2.3.17.tar.xz) = 846664
More information about the svn-ports-branches
mailing list