From owner-svn-ports-head@FreeBSD.ORG  Fri Apr 12 16:14:23 2013
Return-Path: <owner-svn-ports-head@FreeBSD.ORG>
Delivered-To: svn-ports-head@freebsd.org
Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115])
 by hub.freebsd.org (Postfix) with ESMTP id 4253C19F;
 Fri, 12 Apr 2013 16:14:23 +0000 (UTC) (envelope-from des@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 by mx1.freebsd.org (Postfix) with ESMTP id 34ED7107B;
 Fri, 12 Apr 2013 16:14:23 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.6/8.14.6) with ESMTP id r3CGENW1065220;
 Fri, 12 Apr 2013 16:14:23 GMT (envelope-from des@svn.freebsd.org)
Received: (from des@localhost)
 by svn.freebsd.org (8.14.6/8.14.5/Submit) id r3CGEMaH065219;
 Fri, 12 Apr 2013 16:14:22 GMT (envelope-from des@svn.freebsd.org)
Message-Id: <201304121614.r3CGEMaH065219@svn.freebsd.org>
From: Dag-Erling Smørgrav <des@FreeBSD.org>
Date: Fri, 12 Apr 2013 16:14:22 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org,
 svn-ports-head@freebsd.org
Subject: svn commit: r315790 - head/security/vuxml
X-SVN-Group: ports-head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-ports-head@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: SVN commit messages for the ports tree for head
 <svn-ports-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-ports-head>
List-Post: <mailto:svn-ports-head@freebsd.org>
List-Help: <mailto:svn-ports-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-ports-head>,
 <mailto:svn-ports-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Apr 2013 16:14:23 -0000

Author: des
Date: Fri Apr 12 16:14:22 2013
New Revision: 315790
URL: http://svnweb.freebsd.org/changeset/ports/315790

Log:
  Edit OpenVPN 2.3.1 entry:
  
   - Replace links to changelog and commit with a link to the official
     announcement (which also links to the commit)
  
   - Replace the description with a sentence lifted from the
     announcement.
  
  Approved by:	portmgr (tabthorpe)

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Fri Apr 12 06:40:01 2013	(r315789)
+++ head/security/vuxml/vuln.xml	Fri Apr 12 16:14:22 2013	(r315790)
@@ -497,14 +497,14 @@ Note:  Please add new entries to the beg
       <body xmlns="http://www.w3.org/1999/xhtml">
 	<p>The OpenVPN project reports:</p>
 	<blockquote cite="https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.1">
-	  <p>[OpenVPN 2.3.1 adds a fix to prevent potential side-channel
-	    attacks by switching to a] constant time memcmp when comparing HMACs in [the] openvpn_decrypt [function].</p>
+	  <p>OpenVPN 2.3.0 and earlier running in UDP mode are subject
+	    to chosen ciphertext injection due to a non-constant-time
+	    HMAC comparison function.</p>
 	</blockquote>
       </body>
     </description>
     <references>
-      <url>https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23#OpenVPN2.3.1</url>
-      <url>http://openvpn.git.sourceforge.net/git/gitweb.cgi?p=openvpn/openvpn-testing.git;a=commit;h=11d21349a4e7e38a025849479b36ace7c2eec2ee</url>
+      <url>https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc</url>
     </references>
     <dates>
       <discovery>2013-03-19</discovery>