| author | Haixiao Yan <haixiao.yan.cn@windriver.com> | 2024-11-11 14:41:19 +0800 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2024-11-24 17:37:58 -0500 |
| commit | 3d234d9a1276255911c9eb41315e7251d62ac2c7 (patch) | |
| tree | a9d48a4502e520a154c9207bea64df07266b6081 /meta-python/recipes-devtools/python/python3-matplotlib | |
| parent | 60fc5f65e1530f3a2e5d6e76b9799091d8763127 (diff) | |
| download | meta-openembedded-3d234d9a1276255911c9eb41315e7251d62ac2c7.tar.gz | |
openvpn: upgrade 2.6.10 -> 2.6.12

ChangeLog:
https://github.com/OpenVPN/openvpn/blob/v2.6.12/Changes.rst

Security fixes:

CVE-2024-4877: Windows: harden interactive service pipe.
Security scope: a malicious process with "some" elevated privileges
(SeImpersonatePrivilege) could open the pipe a second time,
tricking openvpn GUI into providing user credentials (tokens),
getting full access to the account openvpn-gui.exe runs as.

CVE-2024-5594: control channel: refuse control channel messages with
nonprintable characters in them.
Security scope: a malicious openvpn peer can send garbage to openvpn log,
or cause high CPU load.

CVE-2024-28882: only call schedule_exit() once (on a given peer).
Security scope: an authenticated client can make the server "keep the
session" even when the server has been told to disconnect this client.

Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
[Drop CVE-2024-28882 patch not yet in stable]
Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-matplotlib')
0 files changed, 0 insertions, 0 deletions
