-
openvpn (2.0.9-8ubuntu0.3) gutsy-security; urgency=low
* init.c: send modulus to openssl-vulnkey rather than calling
openssl-vulnkey on the file. This allows for password protected ssl keys
(LP: #230197)
* debian/control: Depends on openssl-blacklist > 0.3.2
-- Jamie Strandboge <email address hidden> Wed, 11 Jun 2008 15:01:41 -0400
-
openvpn (2.0.9-8ubuntu0.2) gutsy-security; urgency=low
* init.c: Do not attempt to verify the key file with openvpn-vulnkey if it
is not accessible (any more). This happens when using the 'user', 'group',
or 'chroot' options in multi-client mode, and the SSL key file thus
becomes unreadable from the second time on. If the key file is not
accessible at the very start, this is already handled anyway, so we can
safely ignore this condition. (LP: #230208)
Note that this is not an issue when using pre-shared keys
(do_init_crypto_static(), since multi-client mode only works with TLS.
However, we also check it here just to be on the safe side.
-- Martin Pitt <email address hidden> Wed, 14 May 2008 13:35:35 +0200
-
openvpn (2.0.9-8ubuntu0.1) gutsy-security; urgency=low
* SECURITY UPDATE: don't allow use of known vulnerable weak SSL/TLS and
shared secret keys caused by Debian openssl bug
* init.c: patch do_init_crypto_static() to use openvpn-vulnkey and
do_init_crypto_tls() to use openssl-vulnkey
* debian/control: Depends on libssl0.9.8 (>= 0.9.8e-5ubuntu3.2),
openssl-blacklist and openvpn-blacklist
* add critical debconf note
* References
CVE-2008-0166
http://www.ubuntu.com/usn/usn-612-1
-- Jamie Strandboge <email address hidden> Mon, 12 May 2008 23:28:00 -0400
-
openvpn (2.0.9-8) unstable; urgency=low
* Install /etc/openvpn/update-resolv-conf with correct permissions
openvpn (2.0.9-7) unstable; urgency=low
* Added script to update resolv.conf with server's settings.
The script is located in the /etc/openvpn/ directory.
Thanks a lot Christof Lauber for the script.
Added resolvconf to Suggests.
* Added LSB section to the init.d script.
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 21 May 2007 09:34:41 +0100
-
openvpn (2.0.9-6) unstable; urgency=low
* Fixed init.d script to avoid running multiple instances of the
same VPN. Thanks Keith Kyzivat for pushing me into looking
again into this issue. (Closes: #326080)
* Included patch to README.Debian from Peter Rabbitson describing
/etc/network/interfaces integration. (Closes: #413732)
* Also included joeyh's suggestion on the previous subject.
(Closes: 419797)
* Avoid restarting a vpn instead of reloading it due to wrong
detection of 'user' option in init.d script. Thanks Josip Rodin.
(Closes: 403503)
* Added Russian debconf translation. (Closes: #414088)
Thanks Yuriy Talakan.
* Built against liblzo2 instead of liblzo. (Closes: #423366)
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 18 May 2007 09:37:57 +0100
-
openvpn (2.0.9-5) unstable; urgency=low
* Added Galician debconf translation. (Closes: #412492)
Thanks Jacobo Tarrio
openvpn (2.0.9-4) unstable; urgency=low
* Updated Swedish debconf translation. (Closes: #407851)
Thanks Andreas Henriksson
openvpn (2.0.9-3) unstable; urgency=low
* Fixed type in Portuguese debconf translation.
* debian/templates. Changed default value for init.d change
question to false. (Closes: #403317)
-- Reinhard Tartler <email address hidden> Fri, 02 Mar 2007 08:45:40 +0000
