Diffusion FreeBSD ports repository 4c75982ca9f2

security/openvpn: security update to 2.6.14
4c75982ca9f2
Actions

Description

security/openvpn: security update to 2.6.14

"Fix possible ASSERT() on OpenVPN servers using --tls-crypt-v2

Security scope: OpenVPN servers between 2.6.1 and 2.6.13 using
--tls-crypt-v2 can be made to abort with an ASSERT() message by sending
a particular combination of authenticated and malformed packets.

To trigger the bug, a valid tls-crypt-v2 client key is needed, or
network observation of a handshake with a valid tls-crypt-v2 client key

No crypto integrity is violated, no data is leaked, and no remote code
execution is possible.

This bug does not affect OpenVPN clients."

clean up CONFLICTS_INSTALL

ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.14/Changes.rst#overview-of-changes-in-2614
Security: 2cad4541-0f5b-11f0-89f8-411aefea0df9
Security: CVE-2025-2704
MFH: 2025Q2
(cherry picked from commit 70a3176764f09cfeb26bc8d4c9463e7497a299c0)
(cherry picked from commit e20a69e3dce88c98be4aa4354c94ffa21bca0b17)

Details

Provenance

mandree

Authored on Apr 2 2025, 7:26 PM

Parents

R11:68b6c92718cc: security/openvpn-devel: upgrade port to git commit b75849ba36 (2025-04-02)

Branches

Unknown

Tags

Unknown

Event Timeline

mandree committed R11:4c75982ca9f2: security/openvpn: security update to 2.6.14 (authored by mandree).Apr 2 2025, 7:34 PM

Changes (2)

Path

Size

security/

openvpn/

Makefile

distinfo

R11:4c75982ca9f2

View Options

security/openvpn/Makefile