Overview Repositories Revisions Requests Users Attributes Meta

Revisions of openvpn

buildservice-autocommit accepted request 1065524 from Mohd Saquib's avatar Mohd Saquib (msaquib) (revision 186) 
baserev update by copy to link target
Mohd Saquib's avatar Mohd Saquib (msaquib) accepted request 1065450 from Thorsten Kukuk's avatar Thorsten Kukuk (kukuk) (revision 185) 
- Remove migration from openvpn.service to openvpn@.service and
  depending requires, this is from pre SLE12 times and not supported
  anymore.
buildservice-autocommit accepted request 1057073 from Reinhard Max's avatar Reinhard Max (rmax) (revision 184) 
baserev update by copy to link target
Reinhard Max's avatar Reinhard Max (rmax) committed (revision 183) 
- bsc#1123557: --suppress-timestamps isn't needed by default.
buildservice-autocommit accepted request 1037543 from Reinhard Max's avatar Reinhard Max (rmax) (revision 182) 
baserev update by copy to link target
Reinhard Max's avatar Reinhard Max (rmax) accepted request 1036732 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 181) 
- update to 2.5.8:
  * allow running a default configuration with TLS libraries without BF-CBC
    (even if TLS cipher negotiation would not actually use BF-CBC, the
    long-term compatibility "default cipher BF-CBC" would trigger an error
    on such TLS libraries)
  * ``--auth-nocache'' was not always correctly clearing username+password
    after a renegotiation
  * ensure that auth-token received from server is cleared if requested
    by the management interface ("forget password" or automatically
    via ``--management-forget-disconnect'')
  * in a setup without username+password, but with auth-token and
    auth-token-username pushed by the server, OpenVPN would start asking
    for username+password on token expiry.  Fix.
  * using ``--auth-token`` together with ``--management-client-auth``
    (on the server) would lead to TLS keys getting out of sync and client
    being disconnected.  Fix.
  * management interface would sometimes get stuck if client and server
    try to write something simultaneously.  Fix by allowing a limited
    level of recursion in virtual_output_callback()
  * fix management interface not returning ERROR:/SUCCESS: response
    on "signal SIGxxx" commands when in HOLD state
  * tls-crypt-v2: abort connection if client-key is too short
  * make man page agree with actual code on replay-window backtrag log message
  * remove useless empty line from CR_RESPONSE message
buildservice-autocommit accepted request 1004129 from Reinhard Max's avatar Reinhard Max (rmax) (revision 180) 
baserev update by copy to link target
Reinhard Max's avatar Reinhard Max (rmax) accepted request 1003012 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 179) 
- build with enable-iproute2 again to have root-less mode working (bsc#1202792)
buildservice-autocommit accepted request 981470 from Reinhard Max's avatar Reinhard Max (rmax) (revision 178) 
baserev update by copy to link target
Reinhard Max's avatar Reinhard Max (rmax) accepted request 980821 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 177) 
- update to 2.5.7:
  * Limited OpenSSL 3.0 support
  * print OpenSSL error stack if decoding PKCS12 file fails
  * fix omission of cipher-negotiation.rst in tarballs
  * fix errno handling on Windows (Windows has different classes of
    error codes, GetLastError() and C runtime errno, these should now
    be handled correctly)
  * fix PATH_MAX build failure in auth-pam.c
  * fix t_net.sh self-test leaving around stale "ovpn-dummy0" interface
  * fix overlong path names, leading to missing pkcs11-helper patch
    in tarball
buildservice-autocommit accepted request 965876 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 176) 
baserev update by copy to link target
Reinhard Max's avatar Reinhard Max (rmax) committed (revision 175) 
- update to 2.5.6:
  * bsc#1197341, CVE-2022-0547: possible authentication bypass in
    external authentication plug-in
  * Fix "--mtu-disc maybe|yes" on Linux
  * Fix $common_name variable passed to scripts when
    username-as-common-name is in effect.
  * Fix potential memory leaks in add_route() and add_route_ipv6().
  * Apply connect-retry backoff only to one side of the connection
    in p2p mode.
  * repair "--inactive" handling with a 'bytes' parameter larger
    than 2 Gbytes.
  * new plugin (sample-plugin/defer/multi-auth.c) to help testing
    with multiple parallel plugins that succeed/fail in
    direct/deferred mode.
Reinhard Max's avatar Reinhard Max (rmax) committed (revision 174)
Reinhard Max's avatar Reinhard Max (rmax) committed (revision 173) 
- Fix license tag in spec file.
Reinhard Max's avatar Reinhard Max (rmax) accepted request 935683 from Jan Engelhardt's avatar Jan Engelhardt (jengelh) (revision 172) 
- Avoid bashisms and use POSIX sh syntax.
- Use more efficient find commands.
- Trim marketing filler words from description.
Reinhard Max's avatar Reinhard Max (rmax) accepted request 940795 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 171) 
- update to 2.5.5:
  * SWEET32/64bit cipher deprecation change was postponed to 2.7
  * improve "make check" to notice if "openvpn --show-cipher" crashes
  * improve argv unit tests
  * ensure unit tests work with mbedTLS builds without BF-CBC ciphers
  * include "--push-remove" in the output of "openvpn --help"
  * fix error in iptables syntax in example firewall.sh script
  * fix "resolvconf -p" invocation in example "up" script
  * fix "common_name" environment for script calls when
    "--username-as-common-name" is in effect (Trac #1434)
  * move "push-peer-info" documentation from "server options" to "client"
  * correct "foreign_option_{n}" typo in manpage
  * README.down-root: fix plugin module name
Reinhard Max's avatar Reinhard Max (rmax) committed (revision 170) 
- Drop 0001-preform-deferred-authentication-in-the-background.patch
  Upstream has meanwhile solved this differently and the two
  implementations interfere (boo#1193017).
- Obsoleted SLE patches up to this point:
  * openvpn-CVE-2020-15078.patch
  * openvpn-CVE-2020-11810.patch
  * openvpn-CVE-2018-7544.patch
  * openvpn-CVE-2018-9336.patch
      (bsc#1085803, CVE-2018-7544)
Reinhard Max's avatar Reinhard Max (rmax) committed (revision 169) 
- Disable 0001-preform-deferred-authentication-in-the-background.patch
  for testing, because the PAM module now has upstream support for
  deferred authentication.
Reinhard Max's avatar Reinhard Max (rmax) accepted request 928265 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 168) 
- update to 2.5.4:
  * fix prompting for password on windows console if stderr redirection
    is in use - this breaks 2.5.x on Win11/ARM, and might also break
    on Win11/adm64 when released.
  * fix setting MAC address on TAP adapters (--lladdr) to use sitnl
    (was overlooked, and still used "ifconfig" calls)
  * various improvements for man page building (rst2man/rst2html etc)
  * minor bugfix with IN6_IS_ADDR_UNSPECIFIED() use (breaks build on
    at least one platform strictly checking this)
  * fix minor memory leak under certain conditions in add_route() and
    add_route_ipv6()
  * documentation improvements
  * copyright updates where needed
  * better error reporting when win32 console access fails
Reinhard Max's avatar Reinhard Max (rmax) committed (revision 167)
Displaying revisions 21 - 40 of 206
openSUSE Build Service is sponsored by
Places