From ee1d7af583f606a9233307df07dd844935990c14 Mon Sep 17 00:00:00 2001 From: mandree Date: Thu, 22 Jun 2017 17:26:32 +0000 Subject: OpenVPN security update to 2.3.17 OpenVPN v2.4.2 was analyzed closely using a fuzzer by Guido Vranken. In the process several vulnerabilities were found, some of which are remotely exploitable in certain circumstances, and the fixes have been backported to v2.3.x. Changelog: Security: 9f65d382-56a4-11e7-83e3-080027ef73ec Security: CVE-2017-7508 Security: CVE-2017-7512 Security: CVE-2017-7520 Security: CVE-2017-7521 Security: CVE-2017-7522 Approved by: ports-secteam@ (delphij@) --- security/openvpn23/Makefile | 9 +++++---- security/openvpn23/distinfo | 6 +++--- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/security/openvpn23/Makefile b/security/openvpn23/Makefile index 0df2df2..4a5109b 100644 --- a/security/openvpn23/Makefile +++ b/security/openvpn23/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= openvpn -DISTVERSION= 2.3.16 +DISTVERSION= 2.3.17 CATEGORIES= security net MASTER_SITES= https://swupdate.openvpn.net/community/releases/ \ https://build.openvpn.net/downloads/releases/ @@ -12,7 +12,7 @@ MAINTAINER= mandree@FreeBSD.org COMMENT?= Secure IP/Ethernet tunnel daemon DEPRECATED= Replaced by new upstream release 2.4.x -EXPIRATION_DATE= 2017-03-31 +EXPIRATION_DATE= 2017-06-30 LICENSE= GPLv2 @@ -63,8 +63,9 @@ OPENSSL_USES= ssl OPENSSL_CONFIGURE_ON= --with-crypto-library=openssl # Pin the libmbedtls version because the 2.3.x port can't work with .so.10 or -# newer from the security/mbedtls package. Upstream works in progress -# for OpenVPN 2.4 to use mbedTLS 2.X. +# newer from the security/mbedtls package. +# Recent upstream 2.4 versions can use mbedTLS 2.X, and there is a +# corresponding port. POLARSSL_LIB_DEPENDS= libmbedtls.so.9:security/polarssl13 POLARSSL_CONFIGURE_ON= --with-crypto-library=polarssl diff --git a/security/openvpn23/distinfo b/security/openvpn23/distinfo index b905dde..ad1ec7f 100644 --- a/security/openvpn23/distinfo +++ b/security/openvpn23/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1495220261 -SHA256 (openvpn-2.3.16.tar.xz) = efb4bd5450df7fc7b11143ee81a8fad8aaddeaefe645657c1eebb14a1377b475 -SIZE (openvpn-2.3.16.tar.xz) = 831428 +TIMESTAMP = 1498151556 +SHA256 (openvpn-2.3.17.tar.xz) = d300029416b045666f2dc957bdde407ba97894428b5ad8433df789e793ccc1d3 +SIZE (openvpn-2.3.17.tar.xz) = 846664 -- cgit v1.1