diff options
| author | Yi Zhao <yi.zhao@windriver.com> | 2024-03-21 20:00:42 +0800 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2024-03-21 08:46:06 -0700 |
| commit | 8f9b4e04b156e64f68171bf1ce5eeeb82ca2a9b0 (patch) | |
| tree | b7f5fda3bbc396bbfdb6f30581b28c64ec56addd /meta-networking | |
| parent | 2037afbc3289769ce1b02173306b5cdaccfbc255 (diff) | |
| download | meta-openembedded-8f9b4e04b156e64f68171bf1ce5eeeb82ca2a9b0.tar.gz | |
openvpn: upgrade 2.6.9 -> 2.6.10
License-Update: Update copyright years to 2024
ChangeLog:
https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst
Security fixes:
CVE-2024-27459: Windows: fix a possible stack overflow in the
interactive service component which might lead to a local privilege
escalation.
CVE-2024-24974: Windows: disallow access to the interactive service pipe
from remote computers.
CVE-2024-27903: Windows: disallow loading of plugins from untrusted
installation paths, which could be used to attack openvpn.exe via a
malicious plugin. Plugins can now only be loaded from the OpenVPN
install directory, the Windows system directory, and possibly from a
directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir.
CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in
!TapSharedSendPacket.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-networking')
| -rw-r--r-- | meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb (renamed from meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb) | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb b/meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb index 3af6b30a7..f8de78ff7 100644 --- a/meta-networking/recipes-support/openvpn/openvpn_2.6.9.bb +++ b/meta-networking/recipes-support/openvpn/openvpn_2.6.10.bb | |||
| @@ -2,7 +2,7 @@ SUMMARY = "A full-featured SSL VPN solution via tun device." | |||
| 2 | HOMEPAGE = "https://openvpn.net/" | 2 | HOMEPAGE = "https://openvpn.net/" |
| 3 | SECTION = "net" | 3 | SECTION = "net" |
| 4 | LICENSE = "GPL-2.0-only" | 4 | LICENSE = "GPL-2.0-only" |
| 5 | LIC_FILES_CHKSUM = "file://COPYING;md5=4b34e946059f80dcfd811e8dd471b5ed" | 5 | LIC_FILES_CHKSUM = "file://COPYING;md5=89196bacc47ed37a5b242a535661a049" |
| 6 | DEPENDS = "lzo lz4 openssl iproute2 libcap-ng ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" | 6 | DEPENDS = "lzo lz4 openssl iproute2 libcap-ng ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" |
| 7 | 7 | ||
| 8 | inherit autotools systemd update-rc.d pkgconfig | 8 | inherit autotools systemd update-rc.d pkgconfig |
| @@ -14,7 +14,7 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ | |||
| 14 | 14 | ||
| 15 | UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" | 15 | UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" |
| 16 | 16 | ||
| 17 | SRC_URI[sha256sum] = "e08d147e15b4508dfcd1d6618a1f21f1495f9817a8dadc1eddf0532fa116d7e3" | 17 | SRC_URI[sha256sum] = "1993bbb7b9edb430626eaa24573f881fd3df642f427fcb824b1aed1fca1bcc9b" |
| 18 | 18 | ||
| 19 | CVE_STATUS[CVE-2020-27569] = "not-applicable-config: Applies only Aviatrix OpenVPN client, not openvpn" | 19 | CVE_STATUS[CVE-2020-27569] = "not-applicable-config: Applies only Aviatrix OpenVPN client, not openvpn" |
| 20 | 20 | ||