summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-04-28Changelog for 2.5.1-2debian/2.5.1-2Bernhard Schmidt
2021-04-28CVE-2020-15078: Authentication bypass with deferred authenticationBernhard Schmidt
Overview OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. Detailed description This bug allows - under very specific circumstances - to trick a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. In combination with "--auth-gen-token" or a user-specific token auth solution it can be possible to get access to a VPN with an otherwise-invalid account. Pre-Dependency: CVE-2020-15078-0.patch: https://github.com/OpenVPN/openvpn/commit/14511010 CVE-Fix: CVE-2020-15078-1.patch: https://github.com/OpenVPN/openvpn/commit/3aca477a CVE-2020-15078-2.patch: https://github.com/OpenVPN/openvpn/commit/3d18e308 CVE-2020-15078-3.patch: https://github.com/OpenVPN/openvpn/commit/f7b3bf06 Closes: #987380
2021-02-24Changelog for 2.5.1-1debian/2.5.1-1Bernhard Schmidt
2021-02-24Update upstream source from tag 'upstream/2.5.1'Bernhard Schmidt
Update to upstream version '2.5.1' with Debian dir 7ffab8b9a1f4bee8b10a736ef58cdbac4bfd4b14
2021-02-24New upstream version 2.5.1upstream/2.5.1Bernhard Schmidt
2020-10-28Changelog for 2.5.0-1debian/2.5.0-1Bernhard Schmidt
2020-10-28Update upstream source from tag 'upstream/2.5.0'Bernhard Schmidt
Update to upstream version '2.5.0' with Debian dir e11f7b8b9773dc76e4ab19884eee5bddfe34d960
2020-10-28New upstream version 2.5.0upstream/2.5.0Bernhard Schmidt
2020-10-20Changelog for 2.5~rc3-1debian/2.5_rc3-1Bernhard Schmidt
2020-10-20Update upstream source from tag 'upstream/2.5_rc3'Bernhard Schmidt
Update to upstream version '2.5~rc3' with Debian dir 654a857be97a3895ea7ff814fea7c3f9f80e8794
2020-10-20New upstream version 2.5~rc3upstream/2.5_rc3Bernhard Schmidt
2020-09-30Changelog for 2.5~rc2-1Bernhard Schmidt
2020-09-30Update upstream source from tag 'upstream/2.5_rc2'Bernhard Schmidt
Update to upstream version '2.5~rc2' with Debian dir 0cd2307abadc06f5064e4d5e7c23689a67b720c5
2020-09-30New upstream version 2.5~rc2upstream/2.5_rc2Bernhard Schmidt
2020-09-30Downgrade debhelper-compat to 12 for easier backportsBernhard Schmidt
2020-09-01Changelog for 2.5~beta3-1debian/2.5_beta3-1Bernhard Schmidt
2020-09-01Update upstream source from tag 'upstream/2.5_beta3'Bernhard Schmidt
Update to upstream version '2.5~beta3' with Debian dir 08bf4b8b33e73a97458e7fd53ec989aa541745cd
2020-09-01New upstream version 2.5~beta3upstream/2.5_beta3Bernhard Schmidt
2020-09-01Revert "d/gbp.conf for experimental 2.5 branch"Bernhard Schmidt
This reverts commit d3986a312f5fbcfd0e78e6b147eef419fb4e5f54.
2020-09-01Merge branch 'debian/experimental-2.5'Bernhard Schmidt
2020-09-01Drop reload support from systemd unit files (LP: #1868127)Lucas Kanashiro
The current reload implementation (sending a SIGHUP signal to the process) fails, and the difference between reload and restart is not clear. Systemd does not require an implementation for reload.
2020-09-01Add two DEP-8 test cases for the server sideLucas Kanashiro
Two scenarios are tested, server setup using: a static key and a CA.
2020-08-31Merge branch 'add-dep8-tests' into 'master'Bernhard Schmidt
Add two DEP-8 test cases for the server side See merge request debian/openvpn!4
2020-08-31Merge branch 'drop-systemd-reload-support' into 'master'Bernhard Schmidt
Drop reload support from systemd unit files See merge request debian/openvpn!5
2020-08-16Changelog for 2.5~beta1-3debian/2.5_beta1-3Bernhard Schmidt
2020-08-16Disable iproute2 support in favour of the new netlink based defaultBernhard Schmidt
Thanks: Fabio Pedretti
2020-08-16Changelog for 2.5~beta1-2debian/2.5_beta1-2Bernhard Schmidt
2020-08-16Set Build-Conflicts: systemctl, see Bug#959828Bernhard Schmidt
2020-08-15Changelog for 2.5~beta1-1debian/2.5_beta1-1Bernhard Schmidt
2020-08-15Add python3-docutils to build-depends for manpage generationBernhard Schmidt
2020-08-15Adjust patches for new major upstream versionBernhard Schmidt
2020-08-15Update upstream source from tag 'upstream/2.5_beta1'Bernhard Schmidt
Update to upstream version '2.5~beta1' with Debian dir d53f9a482ac24eb491a294b26c24bb1d87afad24
2020-08-15New upstream version 2.5~beta1upstream/2.5_beta1Bernhard Schmidt
2020-08-15d/gbp.conf for experimental 2.5 branchBernhard Schmidt
2020-08-15d/copyright: Remove duplicatedebian/2.4.9-3Bernhard Schmidt
2020-05-26Drop reload support from systemd unit files (LP: #1868127)Lucas Kanashiro
The current reload implementation (sending a SIGHUP signal to the process) fails, and the difference between reload and restart is not clear. Systemd does not require an implementation for reload.
2020-05-08Add two DEP-8 test cases for the server sideLucas Kanashiro
Two scenarios are tested, server setup using: a static key and a CA.
2020-05-02d/changelog: Change distribution to unstable, Change date and timeJörg Frings-Fürst
2020-05-02d/copyright: Add year 2020 to Bernhard SchmidtJörg Frings-Fürst
2020-05-02Add hint to reboot if openvpn is running; Add new chapter into debian/NEWSJörg Frings-Fürst
2020-05-02d/postinst: Remove now useless code for version less than 2.3.2-6Jörg Frings-Fürst
2020-05-02Remove restart from debian/postinst; Migrate to debhelper 13Jörg Frings-Fürst
2020-05-02Fix the bug (Device or resource busy) that occurs during the updateJörg Frings-Fürst
2020-04-21Update changelogdebian/2.4.9-2Bernhard Schmidt
2020-04-21Changelog for 2.4.9-2Bernhard Schmidt
2020-04-21Enable Salsa CIBernhard Schmidt
2020-04-21Use DEB_HOST_MULTIARCH for librariesBernhard Schmidt
Closes: #958315
2020-04-21Cherry-Pick upstream patch to fix ssl_do_config error with invalid OpenSSL ↵Bernhard Schmidt
system configuration Closes: #958296
2020-04-19Changelog for 2.4.9-1debian/2.4.9-1Bernhard Schmidt
2020-04-19Fix spelling errorBernhard Schmidt