summaryrefslogtreecommitdiff
path: root/debian/patches
AgeCommit message (Collapse)Author
2021-04-28CVE-2020-15078: Authentication bypass with deferred authenticationBernhard Schmidt
Overview OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. Detailed description This bug allows - under very specific circumstances - to trick a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. In combination with "--auth-gen-token" or a user-specific token auth solution it can be possible to get access to a VPN with an otherwise-invalid account. Pre-Dependency: CVE-2020-15078-0.patch: https://github.com/OpenVPN/openvpn/commit/14511010 CVE-Fix: CVE-2020-15078-1.patch: https://github.com/OpenVPN/openvpn/commit/3aca477a CVE-2020-15078-2.patch: https://github.com/OpenVPN/openvpn/commit/3d18e308 CVE-2020-15078-3.patch: https://github.com/OpenVPN/openvpn/commit/f7b3bf06 Closes: #987380
2020-08-15Adjust patches for new major upstream versionBernhard Schmidt
2020-04-21Cherry-Pick upstream patch to fix ssl_do_config error with invalid OpenSSL ↵Bernhard Schmidt
system configuration Closes: #958296
2020-04-10Refresh d/p/openvpn-pkcs11warn.patch: Remove d/p/fix-pkcs11-helper-hang.patchJörg Frings-Fürst
2019-02-20Avoid hangs when spawhning child processes by not setting pkcs11-helper ↵Hilko Bengen
"safe fork mode" (Closes: #772812, #900805, #907452)
2019-02-20adjust kfreebsd_support.patch for new upstream versionBernhard Schmidt
2018-07-29New d/p/systemd.patch to remove obsolete syslog.targetJörg Frings-Fürst
2018-07-29Refresh patches; New d/p/spelling_errors.patchJörg Frings-Fürst
2017-10-04New directory /var/log/openvpn for log and status filesJörg Frings-Fürst
2017-06-22Refresh patches for 2.4.3Alberto Gonzalez Iniesta
2017-05-22Add patch to fix upstream's issue 879Alberto Gonzalez Iniesta
2017-05-11Security fixes for sid. CVE-2017-7478 & CVE-2017-7479debian/2.4.0-5Alberto Gonzalez Iniesta
2017-05-11Match command line help and manpageAlberto Gonzalez Iniesta
2016-12-27Patches cleanupAlberto Gonzalez Iniesta
2016-12-12Update & re-enable kfreebsd_support patchAlberto Gonzalez Iniesta
2016-12-07Update close_socket_before_scripts.patch for 2.4Alberto Gonzalez Iniesta
2016-11-21Refresh patches for 2.4Alberto Gonzalez Iniesta
2016-05-11Remove old patchesdebian/2.3.11-1Alberto Gonzalez Iniesta
2016-05-10Fix FTBFS in kfreebsd (Closes: #815283)Alberto Gonzalez Iniesta
2016-05-10New upstream releaseAlberto Gonzalez Iniesta
2016-01-20New upstream releaseAlberto Gonzalez Iniesta
2015-12-15Fix password prompt on systemd systemsAlberto Gonzalez Iniesta
2015-09-05Drop configure patch, add systemd as Build-DepAlberto Gonzalez Iniesta
2015-09-04Patch configure to build without libsystemd-daemon-devAlberto Gonzalez Iniesta
2015-07-01Refresh patchesAlberto Gonzalez Iniesta
2015-07-01Merge branch 'jessie'Alberto Gonzalez Iniesta
Conflicts: debian/changelog debian/control debian/patches/series
2014-12-01Patch expired certs in order to get a build-able packageAlberto Gonzalez Iniesta
2014-12-01Apply upstream patch to fix CVE-2014-8104Alberto Gonzalez Iniesta
2014-10-30Refresh patches, remove unneededAlberto Gonzalez Iniesta
2014-10-13Fix temp file leak. Closes: #764651debian/2.3.4-3Alberto Gonzalez Iniesta
2014-09-02Refresh patches for 2.3.4Alberto Gonzalez Iniesta
2014-05-14Add patch to fix #747265, refresh patchesAlberto Gonzalez Iniesta
2013-06-03Upstream 2.3.2Alberto Gonzalez Iniesta
2013-05-17new upstreamAlberto Gonzalez Iniesta
2013-05-17Fix CVE-2013-2061Alberto Gonzalez Iniesta
2013-01-10Moving to 2.3Alberto Gonzalez Iniesta
2012-03-16Add dpkg-buildflags to plugins build flagsdebian/2.2.1-7Alberto Gonzalez Iniesta
2012-02-23Add "Description" to latest patches. Fix manpageAlberto Gonzalez Iniesta
2012-02-23Fix spelling and hyphen warnings in manpageAlberto Gonzalez Iniesta
2012-02-23Fix spelling error in occ.cAlberto Gonzalez Iniesta
2012-02-21Imported Debian patch 2.2.1-1debian/2.2.1-1Alberto Gonzalez Iniesta
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-01 09:07:45 +0000