freebsd-ports/security/openvpn-devel at 4043e89ea779ba1be56ceca7007bf1fc45b95d29 - mykola/freebsd-ports - laingit: close this repo, open the next

mykola/freebsd-ports

forked from Lainports/freebsd-ports

History

Matthias Andree 110af6a7be security/openvpn-devel: upgrade port to git commit efad93d049 (2023-11-17) contains a number of bugfixes and minor improvements, plus fixes for two bugs that have been assigned CVEs: - CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer. All configurations using TLS (e.g. not using --secret) are affected by this issue. (found while tracking down CVE-2023-46849 / Github #400, #417) - CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore "--fragment" configuration in some circumstances, leading to a division by zero when "--fragment" is used. On platforms where division by zero is fatal, this will cause an OpenVPN crash. see also https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements Also adjust files/patch-tests__t_cltsrv.sh because upstream commit d623aa6c29 conflicts with this patch. Security: 2fe004f5-83fd-11ee-9f5d-31909fb2f495 Security: CVE-2023-46849 Security: CVE-2023-46850		2023-12-31 07:22:41 +01:00
..
files
distinfo
Makefile
pkg-descr
pkg-plist