ubuntu/+source/openvpn:applied/ubuntu/zesty-updates

Last commit made on 2017-06-22
Get this branch:
git clone -b applied/ubuntu/zesty-updates https://git.launchpad.net/ubuntu/+source/openvpn
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/zesty-updates
Repository:
lp:ubuntu/+source/openvpn

Recent commits

9340d2c... by Marc Deslauriers on 2017-06-22

Import patches-applied version 2.4.0-4ubuntu1.3 to applied/ubuntu/zesty-security

Imported using git-ubuntu import.

Changelog parent: b9964f1e157c20237ffa69f51e22c3806394108d
Unapplied parent: d13b625dc36f6a3b20af34ad2e88ab1300d409c7

New changelog entries:
  * SECURITY UPDATE: Remotely-triggerable ASSERT() on malformed IPv6 packet
    - debian/patches/CVE-2017-7508.patch: remove assert in
      src/openvpn/mss.c.
    - CVE-2017-7508
  * SECURITY UPDATE: Remote-triggerable memory leaks
    - debian/patches/CVE-2017-7512.patch: fix leaks in
      src/openvpn/ssl_verify_openssl.c.
    - CVE-2017-7512
  * SECURITY UPDATE: Pre-authentication remote crash/information disclosure
    for clients
    - debian/patches/CVE-2017-7520.patch: prevent two kinds of stack buffer
      OOB reads and a crash for invalid input data in src/openvpn/ntlm.c.
    - CVE-2017-7520
  * SECURITY UPDATE: Potential double-free in --x509-alt-username and
    memory leaks
    - debian/patches/CVE-2017-7521.patch: fix double-free in
      src/openvpn/ssl_verify_openssl.c.
    - CVE-2017-7521
  * SECURITY UPDATE: DoS in establish_http_proxy_passthru()
    - debian/patches/establish_http_proxy_passthru_dos.patch: fix
      null-pointer dereference in src/openvpn/proxy.c.
    - No CVE number

d13b625... by Marc Deslauriers on 2017-06-22

[PATCH] Fix a null-pointer dereference in

Gbp-Pq: establish_http_proxy_passthru_dos.patch.

04ee22f... by Marc Deslauriers on 2017-06-22

[PATCH] Fix potential double-free in --x509-alt-username

Gbp-Pq: CVE-2017-7521.patch.

09b5ab0... by Marc Deslauriers on 2017-06-22

[PATCH] Prevent two kinds of stack buffer OOB reads and a crash for

Gbp-Pq: CVE-2017-7520.patch.

81c783f... by Marc Deslauriers on 2017-06-22

[PATCH] Fix remote-triggerable memory leaks (CVE-2017-7521)

Gbp-Pq: CVE-2017-7512.patch.

88b5f6c... by Marc Deslauriers on 2017-06-22

[PATCH] Fix remotely-triggerable ASSERT() on malformed IPv6 packet.

Gbp-Pq: CVE-2017-7508.patch.

b1bf66a... by Marc Deslauriers on 2017-06-22

[PATCH] auth-token: Ensure tokens are always wiped on de-auth

Gbp-Pq: wipe_tokens_on_de-auth.patch.

dc95bf1... by Marc Deslauriers on 2017-06-22

[PATCH 2/2] Drop packets instead of asserting out if packet id rolls

Gbp-Pq: CVE-2017-7479.patch.

bfa5b02... by Marc Deslauriers on 2017-06-22

[PATCH] cleanup: merge packet_id_alloc_outgoing() into

Gbp-Pq: CVE-2017-7479-prereq.patch.

5bffc24... by Marc Deslauriers on 2017-06-22

[PATCH] Don't assert out on receiving too-large control packets

Gbp-Pq: CVE-2017-7478.patch.