From mboxrd@z Thu Jan 1 00:00:00 1970
From: Adolf Belka
To: development@lists.ipfire.org
Subject: [PATCH] openvpn: Update to version 2.5.10
Date: Sat, 07 Sep 2024 19:29:27 +0200
Message-ID: <20240907172927.3439533-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3341879135939865291=="
List-Id:

--===============3341879135939865291==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

- Update from version 2.5.9 to 2.5.10
- Update of rootfile not required
- 3 CVE Fixes in this version but all are for Windows installations.
- Changelog
    2.5.10
      Security fixes
        - CVE-2024-27459: Windows: fix a possible stack overflow in the
          interactive service component which might lead to a local privilege
          escalation. Reported-by: Vladimir Tokarev
        - CVE-2024-24974: Windows: disallow access to the interactive service
          pipe from remote computers. Reported-by: Vladimir Tokarev
        - CVE-2024-27903: Windows: disallow loading of plugins from untrusted
          installation paths, which could be used to attack openvpn.exe via a
          malicious plugin. Plugins can now only be loaded from the OpenVPN
          install directory, the Windows system directory, and possibly from a
          directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir.
          Reported-by: Vladimir Tokarev
      User visible changes
        - License amendment: all NEW commits fall under a modified license that
          explicitly permits linking with Apache2 libraries (mbedTLS, OpenSSL) -
          see COPYING for details. Existing code in the release/2.5 branch will
          not be relicensed (only in release/2.6 and later branches).

Signed-off-by: Adolf Belka
---
 lfs/openvpn | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lfs/openvpn b/lfs/openvpn
index b686cc930..807019f0a 100644
--- a/lfs/openvpn
+++ b/lfs/openvpn
@@ -1,7 +1,7 @@ ############################################################################= ### # = # # IPFire.org - A linux based firewall = # -# Copyright (C) 2007-2023 IPFire Team = # +# Copyright (C) 2007-2024 IPFire Team = # # = # # This program is free software: you can redistribute it and/or modify = # # it under the terms of the GNU General Public License as published by = # @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 2.5.9 +VER =3D 2.5.10 =20 THISAPP =3D openvpn-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_BLAKE2 =3D e5110ebb9149121c11de45f085f66d30a89fb674ad96c5792d83b1= 6dc29c95215a91e682adb3c800b91ed4d88d6d24b5bcae0799cdb855a284832f0668ffcb82 +$(DL_FILE)_BLAKE2 =3D 7f4ae82162e2e48e66df2da8008f45a2db53a22483730808b87394= 8f1dc13a2e5582c79e4469f9d794f8b0f87f08d627e8d1bd070b088ea33444af31779f5479 =20 install : $(TARGET) =20 --=20 2.46.0 --===============3341879135939865291==--
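
Review bot: The new `$(DL_FILE)_BLAKE2` value in the last hunk is the only integrity check on the 2.5.10 tarball visible in this patch, and neither the hunk nor the commit message says how it was obtained. Please state in the commit message that the digest was computed from a tarball verified against the upstream release signature, so that a reviewer can reproduce it independently instead of trusting the value as posted. The digest also wraps across a quoted-printable soft line break (`...b87394=` followed by `8f1dc13a...`), so whoever applies this should confirm that the decoded value lands on a single line of `lfs/openvpn`.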