Fedora 26: openvpn Security Update 2017-89d98779ec
Summary
OpenVPN is a robust and highly flexible tunneling application that uses all
of the encryption, authentication, and certification features of the
OpenSSL library to securely tunnel IP networks over a single UDP or TCP
port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library
for compression.
This update brings in the latest OpenVPN v2.4.2 release. This release contains
fixes for two authenticated remote DoS vulnerabilities (CVE-2017-7478 and
CVE-2017-7479). For more information see the upstream [security announcement](h
ttp://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits)
. This build also switches back to OpenSSL 1.0, using compat-openssl10 and
compat-openssl10-pkcs11-helper. This is temporarily until full OpenSSL 1.1
support have arrived OpenVPN. This should also resolve a lot of issues with
features missing or not working properly with mbed TLS.
[ 1 ] Bug #1443942 - enable the x509-username-field option
https://bugzilla.redhat.com/show_bug.cgi?id=1443942
[ 2 ] Bug #1440468 - OpenVPN 2.4 in F26 lacks --pkcs12 support when built against mbed TLS
https://bugzilla.redhat.com/show_bug.cgi?id=1440468
[ 3 ] Bug #1432125 - SELinux is preventing systemd from 'create' accesses on the unix_stream_socket Unknown.
https://bugzilla.redhat.com/show_bug.cgi?id=1432125
[ 4 ] Bug #1443749 - No MD5 support available
https://bugzilla.redhat.com/show_bug.cgi?id=1443749
su -c 'dnf upgrade openvpn' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-89d98779ec 2017-05-14 20:16:27.405986 Product : Fedora 26 Version : 2.4.2 Release : 1.fc26 URL : https://community.openvpn.net/openvpn Summary : A full-featured SSL VPN solution Description : OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumers LZO library for compression. This update brings in the latest OpenVPN v2.4.2 release. This release contains fixes for two authenticated remote DoS vulnerabilities (CVE-2017-7478 and CVE-2017-7479). For more information see the upstream [security announcement](h ttp://community.openvpn.net/openvpn/wiki/QuarkslabAndCryptographyEngineerAudits) . This build also switches back to OpenSSL 1.0, using compat-openssl10 and compat-openssl10-pkcs11-helper. This is temporarily until full OpenSSL 1.1 support have arrived OpenVPN. This should also resolve a lot of issues with features missing or not working properly with mbed TLS. [ 1 ] Bug #1443942 - enable the x509-username-field option https://bugzilla.redhat.com/show_bug.cgi?id=1443942 [ 2 ] Bug #1440468 - OpenVPN 2.4 in F26 lacks --pkcs12 support when built against mbed TLS https://bugzilla.redhat.com/show_bug.cgi?id=1440468 [ 3 ] Bug #1432125 - SELinux is preventing systemd from 'create' accesses on the unix_stream_socket Unknown. https://bugzilla.redhat.com/show_bug.cgi?id=1432125 [ 4 ] Bug #1443749 - No MD5 support available https://bugzilla.redhat.com/show_bug.cgi?id=1443749 su -c 'dnf upgrade openvpn' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References