openwrt-packages-dist

History

Magnus Kroken 6186fe732b openvpn: update to 2.5.2 Fixes two related security vulnerabilities (CVE-2020-15078) which under very specific circumstances allow tricking a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. In combination with "--auth-gen-token" or a user-specific token auth solution it can be possible to get access to a VPN with an otherwise-invalid account. OpenVPN 2.5.2 also includes other bug fixes and improvements. Add CI build test script. Signed-off-by: Magnus Kroken <mkroken@gmail.com>		4 years ago
..
files	openvpn: fix invoking user up & down commands from hotplug wrapper	4 years ago
patches	openvpn: update to 2.5.2	4 years ago
Config-mbedtls.in	openvpn: disable LZO support by default	4 years ago
Config-openssl.in	openvpn: disable LZO support by default	4 years ago
Makefile	openvpn: update to 2.5.2	4 years ago
test.sh	openvpn: update to 2.5.2	4 years ago