Format: 1.8
Date: Thu, 22 Jun 2017 10:51:34 -0400
Source: openvpn
Binary: openvpn
Architecture: arm64 arm64_translations
Version: 2.3.2-7ubuntu3.2
Distribution: trusty
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos01-arm64-006.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 openvpn    - virtual private network daemon
Changes: 
 openvpn (2.3.2-7ubuntu3.2) trusty-security; urgency=medium
 .
   * SECURITY UPDATE: birthday attack when using 64-bit block cipher
     - debian/patches/CVE-2016-6329.patch: print warning if 64-bit cipher is
       selected in src/openvpn/crypto.c, src/openvpn/crypto_openssl.c.
     - CVE-2016-6329
   * SECURITY UPDATE: DoS due to Exhaustion of Packet-ID counter
     - debian/patches/CVE-2017-7479-pre.patch: merge
       packet_id_alloc_outgoing() into packet_id_write() in
       src/openvpn/crypto.c, src/openvpn/packet_id.c,
       src/openvpn/packet_id.h.
     - debian/patches/CVE-2017-7479.patch: drop packets instead of assert
       out if packet id rolls over in src/openvpn/crypto.c,
       src/openvpn/packet_id.c, src/openvpn/packet_id.h.
     - CVE-2017-7479
   * SECURITY UPDATE: Remotely-triggerable ASSERT() on malformed IPv6 packet
     - debian/patches/CVE-2017-7508.patch: remove assert in
       src/openvpn/mss.c.
     - CVE-2017-7508
   * SECURITY UPDATE: Remote-triggerable memory leaks
     - debian/patches/CVE-2017-7512.patch: fix leaks in
       src/openvpn/ssl_verify_openssl.c.
     - CVE-2017-7512
   * SECURITY UPDATE: Pre-authentication remote crash/information disclosure
     for clients
     - debian/patches/CVE-2017-7520.patch: prevent two kinds of stack buffer
       OOB reads and a crash for invalid input data in src/openvpn/ntlm.c.
     - CVE-2017-7520
   * SECURITY UPDATE: Potential double-free in --x509-alt-username and
     memory leaks
     - debian/patches/CVE-2017-7521.patch: fix double-free in
       src/openvpn/ssl_verify_openssl.c.
     - CVE-2017-7521
   * SECURITY UPDATE: DoS in establish_http_proxy_passthru()
     - debian/patches/establish_http_proxy_passthru_dos.patch: fix
       null-pointer dereference in src/openvpn/proxy.c.
     - No CVE number
Checksums-Sha1: 
 f4370826c8afaa50a7fb54ef608a7d8df6762ec3 344952 openvpn_2.3.2-7ubuntu3.2_arm64.deb
 d8cc8ad0128cbb48f71857a8baac0ab367db67c6 711882 openvpn-dbgsym_2.3.2-7ubuntu3.2_arm64.ddeb
 126ec7b9a2f208f7f1709f28b0b695915b75f0da 27313 openvpn_2.3.2-7ubuntu3.2_arm64_translations.tar.gz
Checksums-Sha256: 
 d1553d312155335994253421432852fd8ee7afe4c5e865aed082ec4db6053f1b 344952 openvpn_2.3.2-7ubuntu3.2_arm64.deb
 f66aad35f124ecd03fd280408151e639f48d182a9597873c6bb3649c3e49c91d 711882 openvpn-dbgsym_2.3.2-7ubuntu3.2_arm64.ddeb
 ac4867fb4af29f3a6a7ee716fb5830110ab4a629d07cb3baad25300170bb786e 27313 openvpn_2.3.2-7ubuntu3.2_arm64_translations.tar.gz
Files: 
 64d12819062d50f4b29129906e8e7693 344952 net optional openvpn_2.3.2-7ubuntu3.2_arm64.deb
 4235cf71b53f2579f82a7ef6e8940299 711882 net extra openvpn-dbgsym_2.3.2-7ubuntu3.2_arm64.ddeb
 514fe792ed93b2a76c47da42ba628e1b 27313 raw-translations - openvpn_2.3.2-7ubuntu3.2_arm64_translations.tar.gz
Original-Maintainer: Alberto Gonzalez Iniesta <agi@inittab.org>