Released recently:
https://openvpn.net/index.php/download/community-downloads.html
The CVE shouldn't affect many folks, but I'd like to push this for 6.2
anyway, it could make my life easier for next security updates.
https://community.openvpn.net/openvpn/wiki/CVE-2017-12166
Seems to work fine (client-side, amd64). Additional test reports
welcome.
Upstream replaced most polarssl references with mbedtls. I could adjust
the Makefile but I also might end up deleting the polarssl bits from the
port. Adding an mbedtls flavor could happen, but after 6.2, and if
someone else actually cares about it.
ok?
Index: Makefile
===================================================================
RCS file: /d/cvs/ports/net/openvpn/Makefile,v
retrieving revision 1.80
diff -u -p -r1.80 Makefile
--- Makefile 21 Jun 2017 19:01:23 -0000 1.80
+++ Makefile 28 Sep 2017 15:37:28 -0000
@@ -2,8 +2,7 @@
COMMENT= easy-to-use, robust, and highly configurable VPN
-DISTNAME= openvpn-2.4.3
-REVISION= 1
+DISTNAME= openvpn-2.4.4
CATEGORIES= net security
HOMEPAGE= https://openvpn.net/index.php/open-source/
@@ -15,7 +14,7 @@ PERMIT_PACKAGE_CDROM= Yes
WANTLIB += c crypto lz4 lzo2 ssl
-MASTER_SITES= http://wxcvbn.org/~jca/distfiles/
+MASTER_SITES= https://swupdate.openvpn.org/community/releases/
LIB_DEPENDS= archivers/lzo2 \
archivers/lz4
Index: distinfo
===================================================================
RCS file: /d/cvs/ports/net/openvpn/distinfo,v
retrieving revision 1.38
diff -u -p -r1.38 distinfo
--- distinfo 21 Jun 2017 12:51:09 -0000 1.38
+++ distinfo 28 Sep 2017 15:37:28 -0000
@@ -1,2 +1,2 @@
-SHA256 (openvpn-2.4.3.tar.gz) = hKAao98MEqNVLKO6qjnXABN7W85LbeaD/of7eb+l3ws=
-SIZE (openvpn-2.4.3.tar.gz) = 1397306
+SHA256 (openvpn-2.4.4.tar.gz) = GuiD2VIsn6bRieXkqqBYqT7dPQuJfjwmZBB8R4UJn8M=
+SIZE (openvpn-2.4.4.tar.gz) = 1390194
Index: patches/patch-configure
===================================================================
RCS file: /d/cvs/ports/net/openvpn/patches/patch-configure,v
retrieving revision 1.17
diff -u -p -r1.17 patch-configure
--- patches/patch-configure 21 Jun 2017 12:51:09 -0000 1.17
+++ patches/patch-configure 28 Sep 2017 15:37:28 -0000
@@ -2,7 +2,7 @@ $OpenBSD: patch-configure,v 1.17 2017/06
Index: configure
--- configure.orig
+++ configure
-@@ -17318,7 +17318,7 @@ else
+@@ -17409,7 +17409,7 @@ else
fi
Index: patches/patch-src_openvpn_route_c
===================================================================
RCS file: /d/cvs/ports/net/openvpn/patches/patch-src_openvpn_route_c,v
retrieving revision 1.11
diff -u -p -r1.11 patch-src_openvpn_route_c
--- patches/patch-src_openvpn_route_c 21 Jun 2017 12:51:09 -0000 1.11
+++ patches/patch-src_openvpn_route_c 28 Sep 2017 15:37:28 -0000
@@ -5,7 +5,7 @@ $OpenBSD: patch-src_openvpn_route_c,v 1.
Index: src/openvpn/route.c
--- src/openvpn/route.c.orig
+++ src/openvpn/route.c
-@@ -1777,12 +1777,17 @@ add_route(struct route_ipv4 *r,
+@@ -1781,12 +1781,17 @@ add_route(struct route_ipv4 *r,
}
No comments:
Post a Comment