OpenVPN 2.3.11-- released on 2016.05.10 (Change Log)
This release fixes two vulnerabilities: a port-share bug with DoS potential and a buffer overflow by user supplied data when using pam authentication. In addition a number of small fixes and improvements are included. A full list of changes is available here.
James Yonan (1):
Fixed port-share bug with DoS potential
Jens Neuhalfen (2):
Make intent of utun device name validation clear
Fix buffer overflow by user supplied data
Author: Manuel Rüger <firstname.lastname@example.org>
Date: Fri May 13 23:34:31 2016 +0200
net-misc/openvpn: Security bump to 2.3.11, Check kernel options
amd64 arm hppa ppc64 x86 alpha ia64 ppc sparc:
Please stabilize 2.3.11
Stable for PPC64.
Stable for HPPA.
Stable on alpha.
Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Arches and Maintainer(s), Thank you for your work.
This issue was resolved and addressed in
GLSA 201611-02 at https://security.gentoo.org/glsa/201611-02
by GLSA coordinator Aaron Bauman (b-man).