openvpn (2.2.1-8ubuntu1.5) precise-security; urgency=medium
* SECURITY UPDATE: Pre-authentication remote crash/information disclosure
for clients
- debian/patches/CVE-2017-7520.patch: prevent two kinds of stack buffer
OOB reads and a crash for invalid input data in src/openvpn/ntlm.c.
- CVE-2017-7520
* SECURITY UPDATE: DoS in establish_http_proxy_passthru()
- debian/patches/establish_http_proxy_passthru_dos.patch: fix
null-pointer dereference in src/openvpn/proxy.c.
- NO CVE number
Date: 2017-08-02 19:27:16.879173+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langa...@canonical.com>
https://launchpad.net/ubuntu/+source/openvpn/2.2.1-8ubuntu1.5
Sorry, changesfile not available.
--
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/precise-changes