Hello community, here is the log from the commit of package openvpn for openSUSE:Factory checked in at 2014-12-03 22:47:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openvpn (Old) and /work/SRC/openSUSE:Factory/.openvpn.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openvpn" Changes: -------- --- /work/SRC/openSUSE:Factory/openvpn/openvpn.changes 2014-11-07 09:06:41.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openvpn.new/openvpn.changes 2014-12-03 22:48:19.000000000 +0100 @@ -1,0 +2,8 @@ +Mon Dec 1 19:37:29 UTC 2014 - [email protected] + +- Update to version 2.3.6 fixing a denial-of-service vulnerability + where an authenticated client could stop the server by triggering + a server-side ASSERT (bnc#907764,CVE-2014-8104). + See ChangeLog file for a complete list of changes. + +------------------------------------------------------------------- Old: ---- openvpn-2.3.5.tar.gz openvpn-2.3.5.tar.gz.asc New: ---- openvpn-2.3.6.tar.gz openvpn-2.3.6.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openvpn.spec ++++++ --- /var/tmp/diff_new_pack.RqeCqG/_old 2014-12-03 22:48:20.000000000 +0100 +++ /var/tmp/diff_new_pack.RqeCqG/_new 2014-12-03 22:48:20.000000000 +0100 @@ -32,7 +32,7 @@ %else PreReq: %insserv_prereq %fillup_prereq %endif -Version: 2.3.5 +Version: 2.3.6 Release: 0 Summary: Full-featured SSL VPN solution using a TUN/TAP Interface License: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.1 ++++++ openvpn-2.3.5.tar.gz -> openvpn-2.3.6.tar.gz ++++++ ++++ 1918 lines of diff (skipped) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
