From owner-cvs-ports@FreeBSD.ORG  Fri Aug 19 09:58:21 2005
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
X-Original-To: cvs-ports@FreeBSD.org
Delivered-To: cvs-ports@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 79FB516A41F;
	Fri, 19 Aug 2005 09:58:21 +0000 (GMT)
	(envelope-from remko@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4DB0243D46;
	Fri, 19 Aug 2005 09:58:21 +0000 (GMT)
	(envelope-from remko@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j7J9wLMS022229;
	Fri, 19 Aug 2005 09:58:21 GMT
	(envelope-from remko@repoman.freebsd.org)
Received: (from remko@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j7J9wK7e022228;
	Fri, 19 Aug 2005 09:58:20 GMT (envelope-from remko)
Message-Id: <200508190958.j7J9wK7e022228@repoman.freebsd.org>
From: Remko Lodder <remko@FreeBSD.org>
Date: Fri, 19 Aug 2005 09:58:20 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/security/vuxml vuln.xml
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Aug 2005 09:58:21 -0000

remko       2005-08-19 09:58:20 UTC

  FreeBSD ports repository (doc committer)

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  Document four vulnerabilities in openvpn:
  
  * openvpn -- multiple TCP clients connecting with the same certificate at the same time can crash the server
  * openvpn -- denial of service: malicious authenticated &quot;tap&quot; client can deplete server virtual memory
  * openvpn -- denial of service: undecryptable packet from authorized client can disconnect unrelated clients
  * openvpn -- denial of service: client certificate validation can disconnect unrelated clients
  
  Approved by:    portsmgr (blanket VuXML)
  Submitted by:   Matthias Andree <matthias dot andree at gmx dot de>
  
  Revision  Changes    Path
  1.794     +124 -1    ports/security/vuxml/vuln.xml