Publishing details
Changelog
openvpn (2.4.4-1ubuntu1~ubuntu16.04.1~c42.ppa1) xenial; urgency=medium
* No-change backport to xenial
openvpn (2.4.4-1ubuntu1) bionic; urgency=medium
* Sync with Debian. Remaining changes:
- debian/openvpn@.service: Add "--script-security 2" similar to what got
added to debian/openvpn.init.d ages ago (LP: #1454725)
- Demote easy-rsa to Suggests (universe package).
openvpn (2.4.4-1) unstable; urgency=medium
[ Jörg Frings-Fürst ]
* New Upstream release:
- Fix bounds check in read_key() (CVE-2017-12166) (Closes: #877089).
* Declare compliance with Debian Policy 4.1.1. (No changes needed).
* Drop dh-systemd from both Build-Depends and dh command line as
it is enabled by default for dh compat level 10.
* New debian/openvpn.lintian-overrides:
- Override duplicate upstream changelog warning.
* Remote obsolete directory /usr/lib/openvpn (The plugins directory are now
/usr/lib/*/openvpn/plugins):
- Remove /usr/lib/openvpn from debian/dirs.
- Add debian/postrm to remove /usr/lib/openvpn on purge and remove.
- Rewrite plugin section at README.Debian
* Use pathfind() instead hard coded path for invoke-rc.d at debian/prerm
and debian/postinst.
* Remove outdated debian/README.source.
* Remove obsolete syslog.target from debian/openvpn@.service.
* Update Catalan translation (Closes: #870351).
- Thanks to Alytidae <email address hidden>.
* New directory /var/log/openvpn for log and status files
(Closes: #444431, #553303):
- Add var/log/openvpn into debian/dirs.
- New debian/patches/move_log_dir.patch to change the conf files
to the new log directory.
[ Bernhard Schmidt ]
* Further changes to debian/openvpn@.service copied from upstream
- Enable Restart=on-failure
- Use KillMode=process
openvpn (2.4.3-4) unstable; urgency=medium
* fix FTBFS on kfreebsd
* Adjust debian openvpn@.service to be closer to the upstream
ones (Closes: #858558, #864031):
- adjust Documentation URL to OpenVPN 2.4
- use systemd READY signalling (Type=notify)
- add ProtectHome=true
- add After/Wants network-online.target
- adjust CapabililtyBoundingSet
openvpn (2.4.3-3) unstable; urgency=medium
[ Jörg Frings-Fürst ]
* debian/control:
- Set Bernhard Schmidt <email address hidden> as maintainer and myself as
Uploader (Closes: #865555)
- Many thanks to Alberto Gonzalez Iniesta.
- Change Vcs-Browser to cgit.
* Migrate to debhelper 10:
- Change debian/compat to 10.
- Bump minimum debhelper version in debian/control to >= 10.
* Declare compliance with Debian Policy 4.0.0. (No changes needed).
[ Bernhard Schmidt ]
* properly remove obsolete /etc/tmpfiles.d/openvpn.conf using
dpkg-maintscript-helper (Closes: #865717)
* Change Vcs-Git and Homepage to https
openvpn (2.4.3-2) unstable; urgency=medium
* The "Bye bye OpenVPN" revenge release
* Put upstream tmpfiles conf in the right place and merge with Debian's.
(Closes: #865589)
openvpn (2.4.3-1) unstable; urgency=high
* The "Bye bye OpenVPN" release.
* New upstream release fixing: (Closes: #865480)
- CVE-2017-7508
- CVE-2017-7520
- CVE-2017-7521
- CVE-2017-7522
* Plugin libs have been moved to /usr/lib/ARCH/openvpn/plugins
* debian/rules:
- Remove obsolete options to configure script (enable-password-save,
with-plugindir (now in ENV_VARS))
- No need to install upstream's systemd unit files from debian/rules
openvpn (2.4.0-6) unstable; urgency=medium
* Apply upstream patch to fix shrinking MTU sizes on reconnects causing not
usable VPN tunnels.
openvpn (2.4.0-5) unstable; urgency=high
* Change typo fix in command line help.
* SECURITY UPDATE: pre-authentication denial-of-service vulnerability
(both client and server) from a too-large control packet.
- debian/patches/CVE-2017-7478.patch: Do not assert on too-large
control packet
- CVE-2017-7478
* SECURITY UPDATE: authenticated remote DoS vulnerability due to
packet ID rollover
- debian/patches/CVE-2017-7479-prereq.patch: merge
packet_id_alloc_outgoing() into packet_id_write()
- debian/patches/CVE-2017-7479.patch: do not assert when packet ID
rollover occurs
- CVE-2017-7479
* SECURITY UPDATE: auth tokens left in memory after de-auth
- debian/patches/wipe_tokens_on_de-auth.patch: always wipe token
as soon as a TLS session is considered broken.
* Kudos to Steve Beattie <email address hidden> for doing all the
backporting work for this upload.
openvpn (2.4.0-4) unstable; urgency=medium
* Add NEWS entries on possible 2.4 migration issues.
(Closes: #852381, #849909)
openvpn (2.4.0-3) unstable; urgency=medium
* You shall run debdiff even when the change is only a word, or you may find
out the word was not there...
* Add liblz4-dev to Build-Depends. (Closing: #849563 for real)
openvpn (2.4.0-2) unstable; urgency=medium
* Enable lz4 compression (Closes: #849563).
Thanks Laurent Bigonville for noticing.
openvpn (2.4.0-1) unstable; urgency=medium
* New upstream release.
* Refresh debian/patches to new upstream coding style.
* debian/NEWS.Debian. Add note on removed tls-remote option
(Closes: #848062)
openvpn (2.4~rc1-2) unstable; urgency=medium
* Make lintian happy:
- Update debian/watch
- Remove .gitignore file from samples
- Add Depends on lsb-base
- Move bash completion file to /usr/share
- Remove unneeded dot in manpage
- Bump Standards-Version
* debian/patches/kfreebsd_support: Update patch for 2.4 series.
openvpn (2.4~rc1-1) unstable; urgency=medium
* New upstream release
* Update close_socket_before_scripts.patch to upstream's version
* Add /etc/openvpn/client & /etc/openvpn/server directories for
upstream's systemd units.
openvpn (2.4~beta1-1) experimental; urgency=medium
* New upstream release
* Change Build-Dep on libssl-dev to libssl1.0-dev since upstream is not
transitioning to libssl1.1 yet.
* Moved to debhelper compat 9.
openvpn (2.3.11-2) unstable; urgency=medium
* Remove dependency on initscripts. (Closes: #804968)
* README.Debian. Fix CapabilityBoundingSet reference.
openvpn (2.3.11-1) unstable; urgency=medium
* New upstream release.
* tun.c: patch to fix FTBFS in kfreebsd. (Closes: #815283)
Thanks Steven Chamberlain for the patch.
* README.Debian: Document limits in the service file.
(Closes: #819919, #823621)
* Removed versioned dependency on initscripts. (Closes: #804968)
-- <email address hidden> (H.-Dirk Schmitt) Sat, 03 Feb 2018 00:27:58 +0100
Builds
Built packages
-
openvpn
virtual private network daemon
Package files