ubuntu/+source/openvpn:applied/ubuntu/gutsy-updates

Last commit made on 2008-06-12
Get this branch:
git clone -b applied/ubuntu/gutsy-updates https://git.launchpad.net/ubuntu/+source/openvpn
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/gutsy-updates
Repository:
lp:ubuntu/+source/openvpn

Recent commits

5ac8f7b... by Jamie Strandboge on 2008-06-11

Import patches-applied version 2.0.9-8ubuntu0.3 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 5ef3c97036e6355adcbd7e85568db50dd71bb415
Unapplied parent: 00e52398eecc425e0ad460ead8b662f9dab36479

New changelog entries:
  * init.c: send modulus to openssl-vulnkey rather than calling
    openssl-vulnkey on the file. This allows for password protected ssl keys
    (LP: #230197)
  * debian/control: Depends on openssl-blacklist > 0.3.2

00e5239... by Jamie Strandboge on 2008-06-11

Import patches-unapplied version 2.0.9-8ubuntu0.3 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 62906624e1e973c31188038ddc8ab6eb0ef20b36

New changelog entries:
  * init.c: send modulus to openssl-vulnkey rather than calling
    openssl-vulnkey on the file. This allows for password protected ssl keys
    (LP: #230197)
  * debian/control: Depends on openssl-blacklist > 0.3.2

5ef3c97... by Martin Pitt on 2008-05-14

Import patches-applied version 2.0.9-8ubuntu0.2 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: eed34996121aacbab751b29e065169f8ea48de90
Unapplied parent: 62906624e1e973c31188038ddc8ab6eb0ef20b36

New changelog entries:
  * init.c: Do not attempt to verify the key file with openvpn-vulnkey if it
    is not accessible (any more). This happens when using the 'user', 'group',
    or 'chroot' options in multi-client mode, and the SSL key file thus
    becomes unreadable from the second time on. If the key file is not
    accessible at the very start, this is already handled anyway, so we can
    safely ignore this condition. (LP: #230208)
    Note that this is not an issue when using pre-shared keys
    (do_init_crypto_static(), since multi-client mode only works with TLS.
    However, we also check it here just to be on the safe side.

6290662... by Martin Pitt on 2008-05-14

Import patches-unapplied version 2.0.9-8ubuntu0.2 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: c9670af238ba433932b380ab54d0d6389b1c6972

New changelog entries:
  * init.c: Do not attempt to verify the key file with openvpn-vulnkey if it
    is not accessible (any more). This happens when using the 'user', 'group',
    or 'chroot' options in multi-client mode, and the SSL key file thus
    becomes unreadable from the second time on. If the key file is not
    accessible at the very start, this is already handled anyway, so we can
    safely ignore this condition. (LP: #230208)
    Note that this is not an issue when using pre-shared keys
    (do_init_crypto_static(), since multi-client mode only works with TLS.
    However, we also check it here just to be on the safe side.

eed3499... by Jamie Strandboge on 2008-05-13

Import patches-applied version 2.0.9-8ubuntu0.1 to applied/ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: a729f3dd79cb69eca66d99508e8ea72eada6d7a8
Unapplied parent: c9670af238ba433932b380ab54d0d6389b1c6972

New changelog entries:
  * SECURITY UPDATE: don't allow use of known vulnerable weak SSL/TLS and
    shared secret keys caused by Debian openssl bug
  * init.c: patch do_init_crypto_static() to use openvpn-vulnkey and
    do_init_crypto_tls() to use openssl-vulnkey
  * debian/control: Depends on libssl0.9.8 (>= 0.9.8e-5ubuntu3.2),
    openssl-blacklist and openvpn-blacklist
  * add critical debconf note
  * References
    CVE-2008-0166
    http://www.ubuntu.com/usn/usn-612-1

c9670af... by Jamie Strandboge on 2008-05-13

Import patches-unapplied version 2.0.9-8ubuntu0.1 to ubuntu/gutsy-security

Imported using git-ubuntu import.

Changelog parent: 760f7b51472599ea8ed0331c3e1fc691a1deb3b5

New changelog entries:
  * SECURITY UPDATE: don't allow use of known vulnerable weak SSL/TLS and
    shared secret keys caused by Debian openssl bug
  * init.c: patch do_init_crypto_static() to use openvpn-vulnkey and
    do_init_crypto_tls() to use openssl-vulnkey
  * debian/control: Depends on libssl0.9.8 (>= 0.9.8e-5ubuntu3.2),
    openssl-blacklist and openvpn-blacklist
  * add critical debconf note
  * References
    CVE-2008-0166
    http://www.ubuntu.com/usn/usn-612-1

a729f3d... by Alberto Gonzalez Iniesta <email address hidden> on 2007-05-19

Import patches-applied version 2.0.9-8 to applied/ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 86981e43d76fba0563af5e81083b5f9675426452
Unapplied parent: 760f7b51472599ea8ed0331c3e1fc691a1deb3b5

New changelog entries:
  * Install /etc/openvpn/update-resolv-conf with correct permissions
  * Added script to update resolv.conf with server's settings.
    The script is located in the /etc/openvpn/ directory.
    Thanks a lot Christof Lauber for the script.
    Added resolvconf to Suggests.
  * Added LSB section to the init.d script.

760f7b5... by Alberto Gonzalez Iniesta <email address hidden> on 2007-05-19

Import patches-unapplied version 2.0.9-8 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: e715a6976041245925b8c3cbb31cb7d19ee4302e

New changelog entries:
  * Install /etc/openvpn/update-resolv-conf with correct permissions
  * Added script to update resolv.conf with server's settings.
    The script is located in the /etc/openvpn/ directory.
    Thanks a lot Christof Lauber for the script.
    Added resolvconf to Suggests.
  * Added LSB section to the init.d script.

86981e4... by Alberto Gonzalez Iniesta <email address hidden> on 2007-05-15

Import patches-applied version 2.0.9-6 to applied/ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 2fbe75118caf15e96515f2f6ca84e18d247ca105
Unapplied parent: e715a6976041245925b8c3cbb31cb7d19ee4302e

New changelog entries:
  * Fixed init.d script to avoid running multiple instances of the
    same VPN. Thanks Keith Kyzivat for pushing me into looking
    again into this issue. (Closes: #326080)
  * Included patch to README.Debian from Peter Rabbitson describing
    /etc/network/interfaces integration. (Closes: #413732)
  * Also included joeyh's suggestion on the previous subject.
    (Closes: 419797)
  * Avoid restarting a vpn instead of reloading it due to wrong
    detection of 'user' option in init.d script. Thanks Josip Rodin.
    (Closes: 403503)
  * Added Russian debconf translation. (Closes: #414088)
    Thanks Yuriy Talakan.
  * Built against liblzo2 instead of liblzo. (Closes: #423366)

e715a69... by Alberto Gonzalez Iniesta <email address hidden> on 2007-05-15

Import patches-unapplied version 2.0.9-6 to ubuntu/gutsy

Imported using git-ubuntu import.

Changelog parent: 6ddf31fe74bdf7712c0f63143b861472680e4fa5

New changelog entries:
  * Fixed init.d script to avoid running multiple instances of the
    same VPN. Thanks Keith Kyzivat for pushing me into looking
    again into this issue. (Closes: #326080)
  * Included patch to README.Debian from Peter Rabbitson describing
    /etc/network/interfaces integration. (Closes: #413732)
  * Also included joeyh's suggestion on the previous subject.
    (Closes: 419797)
  * Avoid restarting a vpn instead of reloading it due to wrong
    detection of 'user' option in init.d script. Thanks Josip Rodin.
    (Closes: 403503)
  * Added Russian debconf translation. (Closes: #414088)
    Thanks Yuriy Talakan.
  * Built against liblzo2 instead of liblzo. (Closes: #423366)