CVS commit: pkgsrc/net/openvpn

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/net/openvpn
From: Emmanuel Dreyfus <manu%netbsd.org@localhost>
Date: Wed, 18 Nov 2009 08:10:16 +0000

Module Name:    pkgsrc
Committed By:   manu
Date:           Wed Nov 18 08:10:16 UTC 2009

Modified Files:
        pkgsrc/net/openvpn: Makefile distinfo

Log Message:
Update to 2.1rc21. From Changelog:
* Rebuilt OpenVPN Windows installer with OpenSSL 0.9.8l to address
  CVE-2009-3555.  Note that OpenVPN has never relied on the session
  renegotiation capabilities that are built into the SSL/TLS protocol,
  therefore the fix in OpenSSL 0.9.8l (disable SSL/TLS renegotiation
  completely) will not adversely affect OpenVPN mid-session SSL/TLS
  renegotation or any other OpenVPN capabilities.

* Added additional session renegotiation hardening.  OpenVPN has always
  required that mid-session renegotiations build up a new SSL/TLS
  session from scratch.  While the client certificate common name is
  already locked against changes in mid-session TLS renegotiations, we
  now extend this locking to the auth-user-pass username as well as all
  certificate content in the full client certificate chain.


To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 pkgsrc/net/openvpn/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/net/openvpn/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/time/hamster-applet
Next by Date: CVS commit: pkgsrc/x11/gtk2
Previous by Thread: CVS commit: pkgsrc/time/hamster-applet
Next by Thread: CVS commit: pkgsrc/x11/gtk2
Indexes:

Home | Main Index | Thread Index | Old Index