From owner-dev-commits-ports-all@freebsd.org Wed Apr 21 17:49:14 2021 Return-Path: Delivered-To: dev-commits-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0B8B95ED35F; Wed, 21 Apr 2021 17:49:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FQSjP71tbz3qrP; Wed, 21 Apr 2021 17:49:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E462423E9; Wed, 21 Apr 2021 17:49:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 13LHnDZI003532; Wed, 21 Apr 2021 17:49:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 13LHnDok003531; Wed, 21 Apr 2021 17:49:13 GMT (envelope-from git) Date: Wed, 21 Apr 2021 17:49:13 GMT Message-Id: <202104211749.13LHnDok003531@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Matthias Andree Subject: git: 08c22f24c94d - 2021Q2 - security/openvpn: security update to v2.5.2 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mandree X-Git-Repository: ports X-Git-Refname: refs/heads/2021Q2 X-Git-Reftype: branch X-Git-Commit: 08c22f24c94d9310d984e2ce0aa3c840bb5accd2 Auto-Submitted: auto-generated X-BeenThere: dev-commits-ports-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the ports repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Apr 2021 17:49:14 -0000 The branch 2021Q2 has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=08c22f24c94d9310d984e2ce0aa3c840bb5accd2 commit 08c22f24c94d9310d984e2ce0aa3c840bb5accd2 Author: Matthias Andree AuthorDate: 2021-04-21 17:46:21 +0000 Commit: Matthias Andree CommitDate: 2021-04-21 17:48:38 +0000 security/openvpn: security update to v2.5.2 Changelog: https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-252 Security: CVE-2020-15078 Security: efb965be-a2c0-11eb-8956-1951a8617e30 MFH: 2021Q2 (cherry picked from commit 6271ca01ce9d0733b650b42cdf98813b27758370) --- security/openvpn/Makefile | 11 ++++++----- security/openvpn/distinfo | 6 +++--- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/security/openvpn/Makefile b/security/openvpn/Makefile index 1e2a19dfc81a..93904f5908c9 100644 --- a/security/openvpn/Makefile +++ b/security/openvpn/Makefile @@ -1,7 +1,7 @@ # Created by: Matthias Andree PORTNAME= openvpn -DISTVERSION= 2.5.1 +DISTVERSION= 2.5.2 PORTREVISION?= 0 CATEGORIES= security net net-vpn MASTER_SITES= https://swupdate.openvpn.org/community/releases/ \ @@ -34,11 +34,8 @@ SUB_FILES= pkg-message openvpn-client PORTDOCS= * PORTEXAMPLES= * -# avoid picking up CMAKE, we don't have cmocka in the tarballs. -CONFIGURE_ENV+= ac_cv_prog_CMAKE= CMAKE= - OPTIONS_DEFINE= PKCS11 EASYRSA DOCS EXAMPLES X509ALTUSERNAME \ - TEST LZ4 LZO SMALL TUNNELBLICK ASYNC_PUSH + TEST LZ4 LZO SMALL TUNNELBLICK ASYNC_PUSH UNITTESTS OPTIONS_DEFAULT= EASYRSA OPENSSL TEST LZ4 LZO OPTIONS_SINGLE= SSL OPTIONS_SINGLE_SSL= OPENSSL MBEDTLS @@ -48,6 +45,7 @@ MBEDTLS_DESC= SSL/TLS via mbedTLS (lacks TLS v1.3) PKCS11_DESC= Use security/pkcs11-helper (OpenSSL only) SMALL_DESC= Build a smaller executable with fewer features TUNNELBLICK_DESC= Tunnelblick XOR scramble patch (READ HELP!) +UNITTESTS_DESC= Enable unit tests X509ALTUSERNAME_DESC= Enable --x509-username-field (OpenSSL only) ASYNC_PUSH_LIB_DEPENDS= libinotify.so:devel/libinotify @@ -79,6 +77,9 @@ TEST_TEST_TARGET_OFF= check TUNNELBLICK_EXTRA_PATCHES= ${FILESDIR}/extra-tunnelblick-openvpn_xorpatch:-p1 +UNITTESTS_BUILD_DEPENDS= cmocka>=0:sysutils/cmocka +UNITTESTS_CONFIGURE_ENABLE= unit-tests + X509ALTUSERNAME_PREVENTS= MBEDTLS X509ALTUSERNAME_PREVENTS_MSG= OpenVPN ${DISTVERSION} cannot use --x509-username-field with mbedTLS. Disable X509ALTUSERNAME, or use OpenSSL instead X509ALTUSERNAME_CONFIGURE_ENABLE= x509-alt-username diff --git a/security/openvpn/distinfo b/security/openvpn/distinfo index 2e53f51759f8..46c0867f3257 100644 --- a/security/openvpn/distinfo +++ b/security/openvpn/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1614191992 -SHA256 (openvpn-2.5.1.tar.xz) = 40930489c837c05f6153f38e1ebaec244431ef1a034e4846ff732d71d59ff194 -SIZE (openvpn-2.5.1.tar.xz) = 1132708 +TIMESTAMP = 1619022841 +SHA256 (openvpn-2.5.2.tar.xz) = b12743836901f365efaf82ab2493967e1b21c21eb43ce9a8da1002a17c9c1dc8 +SIZE (openvpn-2.5.2.tar.xz) = 1134644