Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-04-28 | Changelog for 2.5.1-2debian/2.5.1-2 | Bernhard Schmidt | |
2021-04-28 | CVE-2020-15078: Authentication bypass with deferred authentication | Bernhard Schmidt | |
Overview OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. Detailed description This bug allows - under very specific circumstances - to trick a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. In combination with "--auth-gen-token" or a user-specific token auth solution it can be possible to get access to a VPN with an otherwise-invalid account. Pre-Dependency: CVE-2020-15078-0.patch: https://github.com/OpenVPN/openvpn/commit/14511010 CVE-Fix: CVE-2020-15078-1.patch: https://github.com/OpenVPN/openvpn/commit/3aca477a CVE-2020-15078-2.patch: https://github.com/OpenVPN/openvpn/commit/3d18e308 CVE-2020-15078-3.patch: https://github.com/OpenVPN/openvpn/commit/f7b3bf06 Closes: #987380 | |||
2021-02-24 | Changelog for 2.5.1-1debian/2.5.1-1 | Bernhard Schmidt | |
2021-02-24 | Update upstream source from tag 'upstream/2.5.1' | Bernhard Schmidt | |
Update to upstream version '2.5.1' with Debian dir 7ffab8b9a1f4bee8b10a736ef58cdbac4bfd4b14 | |||
2021-02-24 | New upstream version 2.5.1upstream/2.5.1 | Bernhard Schmidt | |
2020-10-28 | Changelog for 2.5.0-1debian/2.5.0-1 | Bernhard Schmidt | |
2020-10-28 | Update upstream source from tag 'upstream/2.5.0' | Bernhard Schmidt | |
Update to upstream version '2.5.0' with Debian dir e11f7b8b9773dc76e4ab19884eee5bddfe34d960 | |||
2020-10-28 | New upstream version 2.5.0upstream/2.5.0 | Bernhard Schmidt | |
2020-10-20 | Changelog for 2.5~rc3-1debian/2.5_rc3-1 | Bernhard Schmidt | |
2020-10-20 | Update upstream source from tag 'upstream/2.5_rc3' | Bernhard Schmidt | |
Update to upstream version '2.5~rc3' with Debian dir 654a857be97a3895ea7ff814fea7c3f9f80e8794 | |||
2020-10-20 | New upstream version 2.5~rc3upstream/2.5_rc3 | Bernhard Schmidt | |
2020-09-30 | Changelog for 2.5~rc2-1 | Bernhard Schmidt | |
2020-09-30 | Update upstream source from tag 'upstream/2.5_rc2' | Bernhard Schmidt | |
Update to upstream version '2.5~rc2' with Debian dir 0cd2307abadc06f5064e4d5e7c23689a67b720c5 | |||
2020-09-30 | New upstream version 2.5~rc2upstream/2.5_rc2 | Bernhard Schmidt | |
2020-09-30 | Downgrade debhelper-compat to 12 for easier backports | Bernhard Schmidt | |
2020-09-01 | Changelog for 2.5~beta3-1debian/2.5_beta3-1 | Bernhard Schmidt | |
2020-09-01 | Update upstream source from tag 'upstream/2.5_beta3' | Bernhard Schmidt | |
Update to upstream version '2.5~beta3' with Debian dir 08bf4b8b33e73a97458e7fd53ec989aa541745cd | |||
2020-09-01 | New upstream version 2.5~beta3upstream/2.5_beta3 | Bernhard Schmidt | |
2020-09-01 | Revert "d/gbp.conf for experimental 2.5 branch" | Bernhard Schmidt | |
This reverts commit d3986a312f5fbcfd0e78e6b147eef419fb4e5f54. | |||
2020-09-01 | Merge branch 'debian/experimental-2.5' | Bernhard Schmidt | |
2020-09-01 | Drop reload support from systemd unit files (LP: #1868127) | Lucas Kanashiro | |
The current reload implementation (sending a SIGHUP signal to the process) fails, and the difference between reload and restart is not clear. Systemd does not require an implementation for reload. | |||
2020-09-01 | Add two DEP-8 test cases for the server side | Lucas Kanashiro | |
Two scenarios are tested, server setup using: a static key and a CA. | |||
2020-08-31 | Merge branch 'add-dep8-tests' into 'master' | Bernhard Schmidt | |
Add two DEP-8 test cases for the server side See merge request debian/openvpn!4 | |||
2020-08-31 | Merge branch 'drop-systemd-reload-support' into 'master' | Bernhard Schmidt | |
Drop reload support from systemd unit files See merge request debian/openvpn!5 | |||
2020-08-16 | Changelog for 2.5~beta1-3debian/2.5_beta1-3 | Bernhard Schmidt | |
2020-08-16 | Disable iproute2 support in favour of the new netlink based default | Bernhard Schmidt | |
Thanks: Fabio Pedretti | |||
2020-08-16 | Changelog for 2.5~beta1-2debian/2.5_beta1-2 | Bernhard Schmidt | |
2020-08-16 | Set Build-Conflicts: systemctl, see Bug#959828 | Bernhard Schmidt | |
2020-08-15 | Changelog for 2.5~beta1-1debian/2.5_beta1-1 | Bernhard Schmidt | |
2020-08-15 | Add python3-docutils to build-depends for manpage generation | Bernhard Schmidt | |
2020-08-15 | Adjust patches for new major upstream version | Bernhard Schmidt | |
2020-08-15 | Update upstream source from tag 'upstream/2.5_beta1' | Bernhard Schmidt | |
Update to upstream version '2.5~beta1' with Debian dir d53f9a482ac24eb491a294b26c24bb1d87afad24 | |||
2020-08-15 | New upstream version 2.5~beta1upstream/2.5_beta1 | Bernhard Schmidt | |
2020-08-15 | d/gbp.conf for experimental 2.5 branch | Bernhard Schmidt | |
2020-08-15 | d/copyright: Remove duplicatedebian/2.4.9-3 | Bernhard Schmidt | |
2020-05-26 | Drop reload support from systemd unit files (LP: #1868127) | Lucas Kanashiro | |
The current reload implementation (sending a SIGHUP signal to the process) fails, and the difference between reload and restart is not clear. Systemd does not require an implementation for reload. | |||
2020-05-08 | Add two DEP-8 test cases for the server side | Lucas Kanashiro | |
Two scenarios are tested, server setup using: a static key and a CA. | |||
2020-05-02 | d/changelog: Change distribution to unstable, Change date and time | Jörg Frings-Fürst | |
2020-05-02 | d/copyright: Add year 2020 to Bernhard Schmidt | Jörg Frings-Fürst | |
2020-05-02 | Add hint to reboot if openvpn is running; Add new chapter into debian/NEWS | Jörg Frings-Fürst | |
2020-05-02 | d/postinst: Remove now useless code for version less than 2.3.2-6 | Jörg Frings-Fürst | |
2020-05-02 | Remove restart from debian/postinst; Migrate to debhelper 13 | Jörg Frings-Fürst | |
2020-05-02 | Fix the bug (Device or resource busy) that occurs during the update | Jörg Frings-Fürst | |
2020-04-21 | Update changelogdebian/2.4.9-2 | Bernhard Schmidt | |
2020-04-21 | Changelog for 2.4.9-2 | Bernhard Schmidt | |
2020-04-21 | Enable Salsa CI | Bernhard Schmidt | |
2020-04-21 | Use DEB_HOST_MULTIARCH for libraries | Bernhard Schmidt | |
Closes: #958315 | |||
2020-04-21 | Cherry-Pick upstream patch to fix ssl_do_config error with invalid OpenSSL ↵ | Bernhard Schmidt | |
system configuration Closes: #958296 | |||
2020-04-19 | Changelog for 2.4.9-1debian/2.4.9-1 | Bernhard Schmidt | |
2020-04-19 | Fix spelling error | Bernhard Schmidt | |