On Thu, Sep 28 2017, Jeremie Courreges-Anglas <jca@wxcvbn.org> wrote:
> Released recently:
> https://openvpn.net/index.php/download/community-downloads.html
>
> The CVE shouldn't affect many folks, but I'd like to push this for 6.2
> anyway, it could make my life easier for next security updates.
>
> https://community.openvpn.net/openvpn/wiki/CVE-2017-12166
>
> Seems to work fine (client-side, amd64). Additional test reports
> welcome.
>
> Upstream replaced most polarssl references with mbedtls. I could adjust
> the Makefile but I also might end up deleting the polarssl bits from the
> port. Adding an mbedtls flavor could happen, but after 6.2, and if
> someone else actually cares about it.
>
> ok?
Similar diff for 6.1.
Index: Makefile
===================================================================
RCS file: /d/cvs/ports/net/openvpn/Makefile,v
retrieving revision 1.73.2.4
diff -u -p -r1.73.2.4 Makefile
--- Makefile 21 Jun 2017 19:00:13 -0000 1.73.2.4
+++ Makefile 28 Sep 2017 16:08:27 -0000
@@ -2,8 +2,7 @@
COMMENT= easy-to-use, robust, and highly configurable VPN
-DISTNAME= openvpn-2.4.3
-REVISION= 1
+DISTNAME= openvpn-2.4.4
CATEGORIES= net security
HOMEPAGE= https://openvpn.net/index.php/open-source/
@@ -15,7 +14,7 @@ PERMIT_PACKAGE_CDROM= Yes
WANTLIB += c crypto lz4 lzo2 ssl
-MASTER_SITES = http://wxcvbn.org/~jca/distfiles/
+MASTER_SITES= https://swupdate.openvpn.org/community/releases/
LIB_DEPENDS= archivers/lzo2 \
archivers/lz4
Index: distinfo
===================================================================
RCS file: /d/cvs/ports/net/openvpn/distinfo,v
retrieving revision 1.36.2.4
diff -u -p -r1.36.2.4 distinfo
--- distinfo 21 Jun 2017 19:00:13 -0000 1.36.2.4
+++ distinfo 28 Sep 2017 16:08:27 -0000
@@ -1,2 +1,2 @@
-SHA256 (openvpn-2.4.3.tar.gz) = hKAao98MEqNVLKO6qjnXABN7W85LbeaD/of7eb+l3ws=
-SIZE (openvpn-2.4.3.tar.gz) = 1397306
+SHA256 (openvpn-2.4.4.tar.gz) = GuiD2VIsn6bRieXkqqBYqT7dPQuJfjwmZBB8R4UJn8M=
+SIZE (openvpn-2.4.4.tar.gz) = 1390194
Index: patches/patch-configure
===================================================================
RCS file: /d/cvs/ports/net/openvpn/patches/patch-configure,v
retrieving revision 1.15.2.2
diff -u -p -r1.15.2.2 patch-configure
--- patches/patch-configure 21 Jun 2017 12:53:11 -0000 1.15.2.2
+++ patches/patch-configure 28 Sep 2017 16:08:27 -0000
@@ -2,7 +2,7 @@ $OpenBSD: patch-configure,v 1.15.2.2 201
Index: configure
--- configure.orig
+++ configure
-@@ -17318,7 +17318,7 @@ else
+@@ -17409,7 +17409,7 @@ else
fi
Index: patches/patch-src_openvpn_route_c
===================================================================
RCS file: /d/cvs/ports/net/openvpn/patches/patch-src_openvpn_route_c,v
retrieving revision 1.8.2.1
diff -u -p -r1.8.2.1 patch-src_openvpn_route_c
--- patches/patch-src_openvpn_route_c 21 Jun 2017 12:53:11 -0000 1.8.2.1
+++ patches/patch-src_openvpn_route_c 28 Sep 2017 16:08:27 -0000
@@ -5,7 +5,7 @@ $OpenBSD: patch-src_openvpn_route_c,v 1.
Index: src/openvpn/route.c
--- src/openvpn/route.c.orig
+++ src/openvpn/route.c
-@@ -1777,12 +1777,17 @@ add_route(struct route_ipv4 *r,
+@@ -1781,12 +1781,17 @@ add_route(struct route_ipv4 *r,
}
No comments:
Post a Comment