openwrt-mirror/packages
1
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2025-12-24 08:28:20 +04:00
Code Issues Packages Projects Releases Wiki Activity

openvpn: update to 2.5.2

Browse Source 
Fixes two related security vulnerabilities (CVE-2020-15078) which
under very specific circumstances allow tricking a server using delayed
authentication (plugin or management) into returning a PUSH_REPLY before
the AUTH_FAILED message, which can possibly be used to gather
information about a VPN setup. In combination with "--auth-gen-token" or
a user-specific token auth solution it can be possible to get access to
a VPN with an otherwise-invalid account.

OpenVPN 2.5.2 also includes other bug fixes and improvements.

Add CI build test script.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
This commit is contained in:
Magnus Kroken
2021-04-21 22:45:03 +02:00
parent 1b570f7aad
commit 6186fe732b
4 changed files with 56 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
net/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch
View File

@@ -1,6 +1,6 @@
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -1520,7 +1520,7 @@ const char *
@@ -1535,7 +1535,7 @@ const char *
get_ssl_library_version(void)
{
static char mbedtls_version[30];