diff options
| author |   Yi Zhao <yi.zhao@windriver.com> | 2024-03-21 20:00:42 +0800 |
|---|---|---|
| committer |   Khem Raj <raj.khem@gmail.com> | 2024-03-21 08:46:06 -0700 |
| commit | 8f9b4e04b156e64f68171bf1ce5eeeb82ca2a9b0 (patch) | |
| tree | b7f5fda3bbc396bbfdb6f30581b28c64ec56addd /meta-networking | |
| parent | 2037afbc3289769ce1b02173306b5cdaccfbc255 (diff) | |
| download | meta-openembedded-contrib-8f9b4e04b156e64f68171bf1ce5eeeb82ca2a9b0.tar.gz | |
openvpn: upgrade 2.6.9 -> 2.6.10
License-Update: Update copyright years to 2024
ChangeLog:
https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst
Security fixes:
CVE-2024-27459: Windows: fix a possible stack overflow in the
interactive service component which might lead to a local privilege
escalation.
CVE-2024-24974: Windows: disallow access to the interactive service pipe
from remote computers.
CVE-2024-27903: Windows: disallow loading of plugins from untrusted
installation paths, which could be used to attack openvpn.exe via a
malicious plugin. Plugins can now only be loaded from the OpenVPN
install directory, the Windows system directory, and possibly from a
directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir.
CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in
!TapSharedSendPacket.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking')
| -rw-r--r-- | meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb (renamed from meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb) | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb b/meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb index 3af6b30a70..f8de78ff74 100644 --- a/meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb +++ b/meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb @@ -2,7 +2,7 @@ SUMMARY = "A full-featured SSL VPN solution via tun device." HOMEPAGE = "https://openvpn.net/" SECTION = "net" LICENSE = "GPL-2.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=4b34e946059f80dcfd811e8dd471b5ed" +LIC_FILES_CHKSUM = "file://COPYING;md5=89196bacc47ed37a5b242a535661a049" DEPENDS = "lzo lz4 openssl iproute2 libcap-ng ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" inherit autotools systemd update-rc.d pkgconfig @@ -14,7 +14,7 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" -SRC_URI[sha256sum] = "e08d147e15b4508dfcd1d6618a1f21f1495f9817a8dadc1eddf0532fa116d7e3" +SRC_URI[sha256sum] = "1993bbb7b9edb430626eaa24573f881fd3df642f427fcb824b1aed1fca1bcc9b" CVE_STATUS[CVE-2020-27569] = "not-applicable-config: Applies only Aviatrix OpenVPN client, not openvpn" |