Format: 1.8
Date: Thu, 22 Jun 2017 10:32:09 -0400
Source: openvpn
Binary: openvpn
Architecture: ppc64el ppc64el_translations
Version: 2.3.10-1ubuntu2.1
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-ppc64el-025.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 openvpn    - virtual private network daemon
Changes:
 openvpn (2.3.10-1ubuntu2.1) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: birthday attack when using 64-bit block cipher
     - debian/patches/CVE-2016-6329.patch: print warning if 64-bit cipher is
       selected in src/openvpn/crypto.c, src/openvpn/crypto_openssl.c,
       src/openvpn/crypto_polarssl.c, tests/t_lpback.sh.
     - CVE-2016-6329
   * SECURITY UPDATE: DoS due to Exhaustion of Packet-ID counter
     - debian/patches/CVE-2017-7479-pre.patch: merge
       packet_id_alloc_outgoing() into packet_id_write() in
       src/openvpn/crypto.c, src/openvpn/packet_id.c,
       src/openvpn/packet_id.h.
     - debian/patches/CVE-2017-7479.patch: drop packets instead of assert
       out if packet id rolls over in src/openvpn/crypto.c,
       src/openvpn/packet_id.c, src/openvpn/packet_id.h.
     - CVE-2017-7479
   * SECURITY UPDATE: Remotely-triggerable ASSERT() on malformed IPv6 packet
     - debian/patches/CVE-2017-7508.patch: remove assert in
       src/openvpn/mss.c.
     - CVE-2017-7508
   * SECURITY UPDATE: Remote-triggerable memory leaks
     - debian/patches/CVE-2017-7512.patch: fix leaks in
       src/openvpn/ssl_verify_openssl.c.
     - CVE-2017-7512
   * SECURITY UPDATE: Pre-authentication remote crash/information disclosure
     for clients
     - debian/patches/CVE-2017-7520.patch: prevent two kinds of stack buffer
       OOB reads and a crash for invalid input data in src/openvpn/ntlm.c.
     - CVE-2017-7520
   * SECURITY UPDATE: Potential double-free in --x509-alt-username and
     memory leaks
     - debian/patches/CVE-2017-7521.patch: fix double-free in
       src/openvpn/ssl_verify_openssl.c.
     - CVE-2017-7521
   * SECURITY UPDATE: DoS in establish_http_proxy_passthru()
     - debian/patches/establish_http_proxy_passthru_dos.patch: fix
       null-pointer dereference in src/openvpn/proxy.c.
     - No CVE number
Checksums-Sha1:
 a90b8ae1656119a5870f01f3a77eae9e97f7ef38 789388 openvpn-dbgsym_2.3.10-1ubuntu2.1_ppc64el.ddeb
 7c468ec9b37ed90e3967588809d12e168bf9d178 412198 openvpn_2.3.10-1ubuntu2.1_ppc64el.deb
 0fe9c99e656097fd8eba45bfaafa80b78fec3c1c 27664 openvpn_2.3.10-1ubuntu2.1_ppc64el_translations.tar.gz
Checksums-Sha256:
 b4cd47bed94f905daa44ffd6b14441bd2498a2cb7585c358640a2b1848a44c45 789388 openvpn-dbgsym_2.3.10-1ubuntu2.1_ppc64el.ddeb
 bb8aca0f7292e9b2a3bf75596635759f8ff92c3cbde1bf96aec568c0ba79c8ef 412198 openvpn_2.3.10-1ubuntu2.1_ppc64el.deb
 83f648f32b0c26608c1a87494b6b3260bfb4ea08c98f1375386ec3cf0de1e410 27664 openvpn_2.3.10-1ubuntu2.1_ppc64el_translations.tar.gz
Files:
 df44e766aa72be7e4a07b14edd11b1db 789388 net extra openvpn-dbgsym_2.3.10-1ubuntu2.1_ppc64el.ddeb
 89a06609f20e1060d0fee0f52857e802 412198 net optional openvpn_2.3.10-1ubuntu2.1_ppc64el.deb
 3b1e8606ae0553f07b0c495369e4cd4a 27664 raw-translations - openvpn_2.3.10-1ubuntu2.1_ppc64el_translations.tar.gz
Original-Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org>