Your message dated Sat, 07 Oct 2017 11:33:55 +0100
with message-id <[email protected]>
and subject line Closing bugs for 9.2 point release
has caused the Debian Bug report #870604,
regarding stretch-pu: package openvpn/2.4.0-6+deb9u2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
870604: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870604
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: stretch
User: [email protected]
Usertags: pu
Hi,
I'd like to fix RC bug #863110 in Stretch, causing OpenVPN connections to be
broken when they are reestablished after a timeout.
The patch has been part of several upstream releases which have been in
sid/buster for a couple of weeks now. The submitter tested the patch to be
fixing this issue.
diff attached
Best Regards,
Bernhard
diff --git a/debian/changelog b/debian/changelog
index 0f96932..dd7f177 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+openvpn (2.4.0-6+deb9u2) stretch; urgency=medium
+
+ * Fix broken reconnect on connection loss due to wrong push digest
calculation.
+ Thanks to Patrick Matthäi for testing (Closes: #863110)
+
+ -- Bernhard Schmidt <[email protected]> Tue, 18 Jul 2017 22:15:17 +0200
+
openvpn (2.4.0-6+deb9u1) stretch-security; urgency=high
* SECURITY UPDATE: (Closes: #865480)
diff --git a/debian/patches/812-fix-push-options-digest-update.patch
b/debian/patches/812-fix-push-options-digest-update.patch
new file mode 100644
index 0000000..f79a27c
--- /dev/null
+++ b/debian/patches/812-fix-push-options-digest-update.patch
@@ -0,0 +1,31 @@
+From: Selva Nair <[email protected]>
+Date: Tue, 3 Jan 2017 16:42:18 -0500
+Subject: [PATCH] Fix push options digest update
+Bug: https://community.openvpn.net/openvpn/ticket/812
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863110
+
+Trac: #812
+
+Signed-off-by: Selva Nair <[email protected]>
+Acked-by: Steffan Karger <[email protected]>
+Message-Id: <[email protected]>
+URL:
https://www.mail-archive.com/[email protected]/msg13816.html
+Signed-off-by: Gert Doering <[email protected]>
+---
+ src/openvpn/push.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/openvpn/push.c b/src/openvpn/push.c
+index f5154756a..c9c04a630 100644
+--- a/src/openvpn/push.c
++++ b/src/openvpn/push.c
+@@ -692,8 +692,8 @@ push_update_digest(md_ctx_t *ctx, struct buffer *buf,
const struct options *opt)
+ {
+ continue;
+ }
++ md_ctx_update(ctx, (const uint8_t *) line, strlen(line)+1);
+ }
+- md_ctx_update(ctx, (const uint8_t *) line, strlen(line)+1);
+ }
+
+ int
diff --git a/debian/patches/series b/debian/patches/series
index a83cda1..4357c69 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -12,3 +12,4 @@ CVE-2017-7508.patch
CVE-2017-7520.patch
CVE-2017-7521.patch
CVE-2017-7521bis.patch
+812-fix-push-options-digest-update.patch
--- End Message ---
--- Begin Message ---
Version: 9.2
Hi.
The updates referenced by each of these bugs was included in today's
point release of stretch.
Regards,
Adam
--- End Message ---
