openvpn: update to v2.4.2
authorJo-Philipp Wich <jo@mein.io>
Fri, 12 May 2017 09:48:58 +0000 (11:48 +0200)
committerJo-Philipp Wich <jo@mein.io>
Fri, 12 May 2017 09:54:48 +0000 (11:54 +0200)
Update to version 2.4.2 in order to address two potential Denial-of-Service
vectors in OpenVPN.

CVE-2017-7478 - Don't assert out on receiving too-large control packets
CVE-2017-7479 - Drop packets instead of assert out if packet id rolls over

Ref: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.2
Ref: https://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
package/network/services/openvpn/Makefile

index adce897b5dc89247affd2112b6c6ab00ad0c6914..ea3ac3d83dadccdbe4588c78658f427dc47630c9 100644 (file)
@@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openvpn
 
-PKG_VERSION:=2.4.1
+PKG_VERSION:=2.4.2
 PKG_RELEASE:=1
 
 PKG_SOURCE_URL:=\
        https://build.openvpn.net/downloads/releases/ \
        https://swupdate.openvpn.net/community/releases/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
-PKG_HASH:=fde9e22c6df7a335d2d58c6a4d5967be76df173c766a5c51ece57fd044c76ee5
+PKG_HASH:=df5c4f384b7df6b08a2f6fa8a84b9fd382baf59c2cef1836f82e2a7f62f1bff9
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>