Summary: | <net-vpn/openvpn-2.4.3: multiple memory corruption vulnerabilities (CVE-2017-{7508,7520,7521,7522}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hanno Böck <hanno> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexander, chutzpah, mrueg, sergeev917, sudormrfhalt |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=net-vpn/openvpn-2.4.3
=net-misc/networkmanager-openvpn-1.2.10 amd64 x86
|
Runtime testing required: | --- |
Description
Hanno Böck
2017-06-21 11:30:47 UTC
commit f18b448fb4d8b18f058d67a4baf8445493cb5b52 Author: Manuel Rüger <mrueg@gentoo.org> Date: Wed Jun 21 19:56:43 2017 +0200 net-vpn/openvpn: Version bump to 2.4.3 Gentoo-Bug: #622376 Package-Manager: Portage-2.3.6, Repoman-2.3.2 Arches, please test and mark stable: =net-vpn/openvpn-2.4.3 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" =net-misc/networkmanager-openvpn-1.2.10 Target keywords : "amd64 x86" amd64 stable Stable on alpha. ia64 stable x86 stable arm stable sparc stable ppc stable ppc64 stable Arches, please finish stabilizing hppa Gentoo Security Padawan ChrisADR hppa stable Vulnerable versions for these issues have been cleaned up. Downgraded to B3. All reports discuss DoS and provide no PoC for ACE/RCE. GLSA Vote: No |