[Bug 220183] [MAINTAINER] security/openvpn-devel: Update to 201724 snapshot
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed Jun 21 13:29:54 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220183
ecrist at secure-computing.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #183672|0 |1
is obsolete| |
--- Comment #2 from ecrist at secure-computing.net ---
Created attachment 183675
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=183675&action=edit
update to 201725, which includes fixes for 4 CVEs.
New patch, includes update to 201725, which includes important security updates
to OpenVPN:
CVE-2017-7508: mssfix.c remotely-triggerable ASSERT() on malformed IPv6 packet
CVE-2017-7520: ntlm.c NTLM data leak
CVE-2017-7521: issues in extract_x509_extension() leading to server memory
drain/crash/double-free
CVE-2017-7522: mbedTLS/PolarSSL with --x509-track remote crash for certificate
containing NULL values in subject name
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list