Date: Mon, 17 Nov 2025 22:12:38 GMT From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 29388509d66a - main - security/openvpn-devel: upgrade port to git commit d6ee27b4ff (2.7_rc2, 2025-11-17) Message-ID: <202511172212.5AHMCc3F048602@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=29388509d66aa002f0b88c76f91df2b31e070ba7 commit 29388509d66aa002f0b88c76f91df2b31e070ba7 Author: Gert Doering <gert@greenie.muc.de> AuthorDate: 2025-11-17 21:35:25 +0000 Commit: Matthias Andree <mandree@FreeBSD.org> CommitDate: 2025-11-17 22:09:29 +0000 security/openvpn-devel: upgrade port to git commit d6ee27b4ff (2.7_rc2, 2025-11-17) This commit brings the port to "openvpn 2.7_rc2" Changes of interest for FreeBSD: - IPv6 address parsing: fix buffer overread on invalid input (CVE-2025-12106) - HMAC verification check: fix incorrect memcmp() call (CVE-2025-13086) - even more type conversion related warnings have been fixed - DCO FreeBSD improvements: improving debug messages (verb 6) implement client-side counter handling repair --inactive (and document shortcomings) repair handling of DCO disconnection notifications in --client mode - improve cmocka unit test assert() handling - PUSH_UPDATE server: fix reporting of client IPs in ``status`` output after pushing a new IPv4/IPv6 address to client - AEAD cipher safety margins: fix calculation of AEAD blocks in use (old code would undercount blocks) - fix invalid pointer creation / memory overread in tls_pre_decrypt - deprecate ``--opt-verify`` (change into no-op + warning) -- additions by mandree@ -- Security: 50a0c266-c3ff-11f0-b513-0da7be77c170 Security: CVE-2025-12106 Security: 17a40d76-c3fd-11f0-b513-0da7be77c170 Security: CVE-2025-13086 MFH: 2025Q4 --- security/openvpn-devel/Makefile | 4 ++-- security/openvpn-devel/distinfo | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/security/openvpn-devel/Makefile b/security/openvpn-devel/Makefile index 3f24ec986421..1fa17d217cc5 100644 --- a/security/openvpn-devel/Makefile +++ b/security/openvpn-devel/Makefile @@ -1,5 +1,5 @@ PORTNAME= openvpn -DISTVERSION= g20251031 +DISTVERSION= g20251117 PORTREVISION= 0 # leave in even if 0 to avoid accidental PORTEPOCH bumps PORTEPOCH= 1 CATEGORIES= security net net-vpn @@ -21,7 +21,7 @@ LIB_DEPENDS+= liblzo2.so:archivers/lzo2 USES= autoreconf cpe libtool pkgconfig python:build shebangfix tar:xz IGNORE_SSL= libressl libressl-devel USE_GITLAB= yes -GL_TAGNAME= 4281449ba4db2de57375aa7087ef5920aeba10de +GL_TAGNAME= d6ee27b4ff31e4469d699f3bfd7b9998ab167230 USE_RC_SUBR= openvpn SHEBANG_FILES= sample/sample-scripts/auth-pam.pl \ diff --git a/security/openvpn-devel/distinfo b/security/openvpn-devel/distinfo index d9cc4a7e963d..6d2c15323da2 100644 --- a/security/openvpn-devel/distinfo +++ b/security/openvpn-devel/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1761983634 -SHA256 (openvpn-openvpn-4281449ba4db2de57375aa7087ef5920aeba10de_GL0.tar.gz) = 2e50b77994c1e589f86d772bd5f4a5d2e2f999b614e268b73c4672153e3028ae -SIZE (openvpn-openvpn-4281449ba4db2de57375aa7087ef5920aeba10de_GL0.tar.gz) = 1343555 +TIMESTAMP = 1763394774 +SHA256 (openvpn-openvpn-d6ee27b4ff31e4469d699f3bfd7b9998ab167230_GL0.tar.gz) = 8f57323446853027ed6140521b8485aff100d5858877083059dfaed64ff92edb +SIZE (openvpn-openvpn-d6ee27b4ff31e4469d699f3bfd7b9998ab167230_GL0.tar.gz) = 1347484
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202511172212.5AHMCc3F048602>