From bf29f9a870281df42f1c50664c2cabd208d753d0 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Wed, 22 Apr 2020 02:19:37 +0000 Subject: Wed Apr 22 02:19:37 UTC 2020 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit a/kernel-firmware-20200421_78c0348-noarch-1.txz: Upgraded. a/kernel-generic-5.4.34-x86_64-1.txz: Upgraded. a/kernel-huge-5.4.34-x86_64-1.txz: Upgraded. a/kernel-modules-5.4.34-x86_64-1.txz: Upgraded. a/openssl-solibs-1.1.1g-x86_64-1.txz: Upgraded. d/git-2.26.2-x86_64-1.txz: Upgraded. This update fixes a security issue: With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper machinery can be fooled into providing credential information that is not appropriate for the protocol in use and host being contacted. Unlike the vulnerability CVE-2020-5260 fixed in v2.17.4, the credentials are not for a host of the attacker's choosing; instead, they are for some unspecified host (based on how the configured credential helper handles an absent "host" parameter). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008 (* Security fix *) d/kernel-headers-5.4.34-x86-1.txz: Upgraded. d/vala-0.48.4-x86_64-1.txz: Upgraded. k/kernel-source-5.4.34-noarch-1.txz: Upgraded. INFINIBAND_CXGB3 n -> m INFINIBAND_IPOIB_CM n -> y INFINIBAND_IPOIB_DEBUG_DATA n -> y Thanks to Karl Magnus Kolstø. l/M2Crypto-0.35.2-x86_64-4.txz: Rebuilt. Don't package typing-3.7.4.1 for python3. l/netpbm-10.90.01-x86_64-1.txz: Upgraded. n/openssl-1.1.1g-x86_64-1.txz: Upgraded. This update fixes a security issue: Fixed segmentation fault in SSL_check_chain() that could be exploited by a malicious peer in a Denial of Service attack. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967 (* Security fix *) x/libva-2.7.1-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txz: Upgraded. This update fixes a security issue: Fix illegal client float. Thanks to Lev Stipakov. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11810 (* Security fix *) usb-and-pxe-installers/usbboot.img: Rebuilt. --- testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txt (limited to 'testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txt') diff --git a/testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txt b/testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txt new file mode 100644 index 00000000..73bb76e0 --- /dev/null +++ b/testing/packages/PAM/openvpn-2.4.9-x86_64-1_pam.txt @@ -0,0 +1,11 @@ +openvpn: openvpn (secure IP tunnel daemon) +openvpn: +openvpn: OpenVPN is a full-featured SSL VPN which can accommodate a wide range +openvpn: of configurations, including remote access, site-to-site VPNs, WiFi +openvpn: security, and enterprise-scale remote access with load balancing, +openvpn: failover, and fine-grained access-controls. +openvpn: +openvpn: OpenVPN's home on the net is: http://openvpn.net +openvpn: +openvpn: +openvpn: -- cgit v1.2.3