Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 3 Jun 2021 12:35:18 GMT
From:      Matthias Andree <mandree@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org
Subject:   git: c306c212d40f - 2021Q2 - security/openvpn: band-aid fix for SIGSEGV on push echo
Message-ID:  <202106031235.153CZIUN050529@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch 2021Q2 has been updated by mandree:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c306c212d40f2112cd0713e53add1e7851393dc3

commit c306c212d40f2112cd0713e53add1e7851393dc3
Author:     Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2021-06-03 10:47:16 +0000
Commit:     Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2021-06-03 12:34:57 +0000

    security/openvpn: band-aid fix for SIGSEGV on push echo
    
    PR:             256331
    Reported by:    peo@nethead.se
    
    (cherry picked from commit 6c20c4906a3b0f805c932f4e74ef7f62086e704d)
---
 security/openvpn/Makefile                          |  2 +-
 security/openvpn/files/patch-src_openvpn_options.c | 11 +++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/security/openvpn/Makefile b/security/openvpn/Makefile
index 4a82851e65f1..9119e2dfa9ab 100644
--- a/security/openvpn/Makefile
+++ b/security/openvpn/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME=		openvpn
 DISTVERSION=		2.5.2
-PORTREVISION?=		1
+PORTREVISION?=		2
 CATEGORIES=		security net net-vpn
 MASTER_SITES=		https://swupdate.openvpn.org/community/releases/ \
 			https://build.openvpn.net/downloads/releases/ \
diff --git a/security/openvpn/files/patch-src_openvpn_options.c b/security/openvpn/files/patch-src_openvpn_options.c
new file mode 100644
index 000000000000..e46faee8efd0
--- /dev/null
+++ b/security/openvpn/files/patch-src_openvpn_options.c
@@ -0,0 +1,11 @@
+--- src/openvpn/options.c.orig	2021-04-21 04:02:50 UTC
++++ src/openvpn/options.c
+@@ -5319,7 +5319,7 @@ add_option(struct options *options,
+         {
+             /* only message-related ECHO are logged, since other ECHOs
+              * can potentially include security-sensitive strings */
+-            if (strncmp(p[1], "msg", 3) == 0)
++            if (p[1] && strncmp(p[1], "msg", 3) == 0)
+             {
+                 msg(M_INFO, "%s:%s",
+                     pull_mode ? "ECHO-PULL" : "ECHO",

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202106031235.153CZIUN050529>