Summary: | <net-vpn/openvpn-2.5.6: potential authentication by-pass with multiple deferred authentication plug-ins | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | alexander, chutzpah, hydrapolic, maracay, williamh |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://community.openvpn.net/openvpn/wiki/CVE-2022-0547 | ||
See Also: | https://github.com/gentoo/gentoo/pull/25120 | ||
Whiteboard: | B4 [glsa cleanup] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 818436, 848969 | ||
Bug Blocks: |
Description
John Helmert III
2022-03-17 18:23:41 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d85036d80926637fb9170e9a02ca9c6f3f35086b commit d85036d80926637fb9170e9a02ca9c6f3f35086b Author: Tomáš Mózes <hydrapolic@gmail.com> AuthorDate: 2022-04-19 22:41:00 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-04-23 01:22:45 +0000 net-vpn/openvpn: bump to 2.5.6 Bug: https://bugs.gentoo.org/835514 Closes: https://bugs.gentoo.org/818436 Signed-off-by: Tomáš Mózes <hydrapolic@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/25120 Signed-off-by: Sam James <sam@gentoo.org> net-vpn/openvpn/Manifest | 1 + net-vpn/openvpn/openvpn-2.5.6.ebuild | 197 +++++++++++++++++++++++++++++++++++ 2 files changed, 198 insertions(+) Please stable when ready. Please cleanup |