From 0b7f9eeffaaa5889d4ab151150e45c8856fa49b8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= <debian@jff-webhosting.net>
Date: Tue, 3 Oct 2017 13:27:54 +0200
Subject: Fix bounds check in read_key() (CVE-2017-12166)

---
 debian/changelog | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'debian')

diff --git a/debian/changelog b/debian/changelog
index 1e3cc3b..1df3559 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,7 @@
 openvpn (2.4.4-1) UNRELEASED; urgency=medium
 
-  * New Upstream release.
+  * New Upstream release:
+    - Fix bounds check in read_key() (CVE-2017-12166) (Closes: #877089).
   * Declare compliance with Debian Policy 4.1.1. (No changes needed).
   * Drop dh-systemd from both Build-Depends and dh command line as
     it is enabled by default for dh compat level 10.
-- 
cgit v1.2.3