Date: Fri, 17 Apr 2020 19:16:52 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r531963 - in branches/2020Q2/security/openvpn: . files Message-ID: <202004171916.03HJGqCP062095@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Fri Apr 17 19:16:52 2020 New Revision: 531963 URL: https://svnweb.freebsd.org/changeset/ports/531963 Log: MFH: r531957 security/openvpn: update to 2.4.9 (also for -mbedtls slave port) At the same time, remove ASYNC_PUSH_LIBS workaround from [1]. Changelog (high-level): https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst#version-249 Git changelog, marking the three fixes that were already in 2.4.8_3 as cherry-picks with a 1, 2, or 3 instead of "*" to correspond with the PORTREVISION, and those with "-" that are specific to other systems, say, Windows. * 9b0dafca 2020-04-16 | Preparing release v2.4.9 (ChangeLog, version.m4, Changes.rst) (tag: v2.4.9) [Gert Doering] 3 f7b318f8 2020-04-15 | Fix illegal client float (CVE-2020-11810) [Lev Stipakov] * 9bb285e3 2020-03-13 | Fix broken async push with NCP is used [Lev Stipakov] - 5f8a9df1 2020-02-12 | Allow unicode search string in --cryptoapicert option [Selva Nair] - 4658b3b6 2020-02-12 | Skip expired certificates in Windows certificate store [Selva Nair] * df5ea7f1 2020-02-19 | Fix possible access of uninitialized pipe handles [Selva Nair] * 1d9e0be2 2020-02-19 | Fix possibly uninitialized return value in GetOpenvpnSettings() [Selva Nair] * 5ee76a8f 2020-03-28 | Fix OpenSSL 1.1.1 not using auto elliptic curve selection [Arne Schwabe] * ed925c0a 2020-04-07 | OpenSSL: Fix --crl-verify not loading multiple CRLs in one file [Maxim Plotnikov] * 2fe84732 2020-03-30 | When auth-user-pass file has no password query the management interface (if available). [Selva Nair] * 908eae5c 2020-04-03 | Move querying username/password from management interface to a function [Selva Nair] * 15bc476f 2020-04-02 | Fix OpenSSL error stack handling of tls_ctx_add_extra_certs [Arne Schwabe] * 22df79bb 2020-04-01 | Fetch OpenSSL versions via source/old links [Arne Schwabe] * 0efbd8e9 2020-03-31 | mbedTLS: Make sure TLS session survives move [Tom van Leeuwen] * 33395693 2020-03-25 | docs: Add reference to X509_LOOKUP_hash_dir(3) [WGH] * 7d19b2bb 2019-10-21 | Fix OpenSSL private key passphrase notices [Santtu Lakkala] 2 8484f37a 2020-03-14 | Fix building with --enable-async-push in FreeBSD [Lev Stipakov] * 69bbfbdf 2020-02-18 | Swap the order of checks for validating interactive service user [Selva Nair] * 0ba4f916 2019-11-09 | socks: use the right function when printing struct openvpn_sockaddr [Antonio Quartulli] 1 3bd91cd0 2019-10-30 | Fix broken fragmentation logic when using NCP [Lev Stipakov] PR: 244286 [1] Approved by: ports-secteam (joneum@) Deleted: branches/2020Q2/security/openvpn/files/patch-CVE-2020-11810 branches/2020Q2/security/openvpn/files/patch-g3bd91cd-Fix-broken-fragmentation-logic-when-using-NCP Modified: branches/2020Q2/security/openvpn/Makefile branches/2020Q2/security/openvpn/distinfo Directory Properties: branches/2020Q2/ (props changed) Modified: branches/2020Q2/security/openvpn/Makefile ============================================================================== --- branches/2020Q2/security/openvpn/Makefile Fri Apr 17 19:01:46 2020 (r531962) +++ branches/2020Q2/security/openvpn/Makefile Fri Apr 17 19:16:52 2020 (r531963) @@ -2,13 +2,12 @@ # $FreeBSD$ PORTNAME= openvpn -DISTVERSION= 2.4.8 -# FIXME XXX check if 2.4.9 still needs ASYNC_PUSH_LIBS, see -# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244286#c6 and #c7 -PORTREVISION?= 3 +DISTVERSION= 2.4.9 +PORTREVISION?= 0 CATEGORIES= security net net-vpn MASTER_SITES= https://swupdate.openvpn.org/community/releases/ \ - https://build.openvpn.net/downloads/releases/ + https://build.openvpn.net/downloads/releases/ \ + LOCAL/mandree MAINTAINER= mandree@FreeBSD.org COMMENT?= Secure IP/Ethernet tunnel daemon @@ -51,7 +50,6 @@ SMALL_DESC= Build a smaller executable with fewer fea ASYNC_PUSH_CONFIGURE_ENABLE= async-push ASYNC_PUSH_LIB_DEPENDS= libinotify.so:devel/libinotify -ASYNC_PUSH_LIBS= -linotify EASYRSA_RUN_DEPENDS= easy-rsa>=0:security/easy-rsa Modified: branches/2020Q2/security/openvpn/distinfo ============================================================================== --- branches/2020Q2/security/openvpn/distinfo Fri Apr 17 19:01:46 2020 (r531962) +++ branches/2020Q2/security/openvpn/distinfo Fri Apr 17 19:16:52 2020 (r531963) @@ -1,3 +1,3 @@ -TIMESTAMP = 1572606331 -SHA256 (openvpn-2.4.8.tar.xz) = fb8ca66bb7807fff595fbdf2a0afd085c02a6aa47715c9aa3171002f9f1a3f91 -SIZE (openvpn-2.4.8.tar.xz) = 952444 +TIMESTAMP = 1587146198 +SHA256 (openvpn-2.4.9.tar.xz) = 641f3add8694b2ccc39fd4fd92554e4f089ad16a8db6d2b473ec284839a5ebe2 +SIZE (openvpn-2.4.9.tar.xz) = 954264
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202004171916.03HJGqCP062095>