openvpn-2.1_rc21 has been released. updated ebuild includes support for eurephia- and ipv6-patches. Reproducible: Always
Created attachment 210112 [details, diff] openvpn-2.1_rc20_to_rc21.ebuild.patch patch to update ebuild from rc20 to rc21
Created attachment 210113 [details] openvpn-2.1_rc20_to_rc21.ebuild.patch complete ebuild
Created attachment 210114 [details] openvpn-2.1_rc21.ebuild complete ebuild
ChangeLog: OpenVPN Version 2.1_rc21 (source: James Yonan / OpenVPN Tech Inc.) * Rebuilt OpenVPN Windows installer with OpenSSL 0.9.8l to address CVE-2009-3555. Note that OpenVPN has never relied on the session renegotiation capabilities that are built into the SSL/TLS protocol, therefore the fix in OpenSSL 0.9.8l (disable SSL/TLS renegotiation completely) will not adversely affect OpenVPN mid-session SSL/TLS renegotation or any other OpenVPN capabilities. * Added additional session renegotiation hardening. OpenVPN has always required that mid-session renegotiations build up a new SSL/TLS session from scratch. While the client certificate common name is already locked against changes in mid-session TLS renegotiations, we now extend this locking to the auth-user-pass username as well as all certificate content in the full client certificate chain. ipv6-patch-v0.4.10: (source: JuanJo Ciarlante) * All platforms: - implemented redirect-gateway support for ipv4 on ipv6 endpoints - several src cleanups (no actual code changes) - doc updates * win32: - expanded usage of proto_is_udp(), proto_is_tcp() - replaced some memset(&obj, 0, sizeof obj) by openvpn's CLEAR(obj) * openbsd: - there's no IFF_MULTICAST, #ifdef'd around it (not specific to ipv6-patch) eurephia-patch: (source: David Sommerseth) The rewriten patch makes now use of the code practice which is found other places in OpenVPN, and it is not as intrusive as earlier.
Created attachment 210134 [details, diff] openvpn-2.1_rc20_to_rc21.ebuild.patch patch for ebuild 2.1_rc20
Created attachment 210136 [details] openvpn-2.1_rc21.ebuild complete ebuild
*** Bug 293016 has been marked as a duplicate of this bug. ***
Fix in CVS