tag name | v2.3.17 (1a1cec87f408e0ee808afe8bc6923d65e7ac3c14) |
tag date | 2017-06-20 13:06:02 +0200 |
tagged by | Gert Doering |
tagged object | commit 8ec9cfdd5f... |
download | openvpn-2.3.17.zip openvpn-2.3.17.tar.gz |
---|
OpenVPN v2.3.17 release
2017.06.21 -- Version 2.3.17
David Sommerseth (2):
backport: Ignore auth-nocache for auth-user-pass if auth-token is pushed
auth-token with auth-nocache fix broke --disable-crypto builds
Gert Doering (2):
Fix potential 1-byte overread in TCP option parsing.
Fix remotely-triggerable ASSERT() on malformed IPv6 packet.
Guido Vranken (6):
refactor my_strupr
Fix 2 memory leaks in proxy authentication routine
Fix memory leak in add_option() for option 'connection'
Ensure option array p[] is always NULL-terminated
Fix a null-pointer dereference in establish_http_proxy_passthru()
Prevent two kinds of stack buffer OOB reads and a crash for invalid input data
Jérémie Courrèges-Anglas (2):
Fix an unaligned access on OpenBSD/sparc64
Missing include for socket-flags TCP_NODELAY on OpenBSD
Steffan Karger (4):
openssl: fix overflow check for long --tls-cipher option
Fix remote-triggerable memory leaks (CVE-2017-7521)
Restrict --x509-alt-username extension types
Fix potential double-free in --x509-alt-username (CVE-2017-7521)
-----BEGIN PGP SIGNATURE-----
iQGcBAABAgAGBQJZSQGnAAoJEB2Cnv7KVigSlUML/joVuBaZJKue/ebN1vzpf6bO
3DKyQ3y3iBHHht7NkWy+wyYQCqFweV6iWEJrP3znCkAAlSLYpGcboyhG6OW7Wpw2
wnnf4wjmF5RsVcUg9tvOHlCbO/Mr268ThpOrip65itVWJlUe9y8mmgJkXhFs2idP
3SMziOIgUV4InCd1Z2fzyTZx6X1vMK/TJAl3fG3Uo7DdSXg3hYPNNju5qw8XbowF
C+OCgKs6MawIxbdSu+VKbQqUSdbcvwuNCuBUZIl5HLAMpcuZ35JNArV1AB/7rSes
8EMlTGvzsBnicGr+9GYdv2WjEtgAzl9Hi7ieE2kQ1mzu61Ng07hXdH3Tjam1YN1z
Jm127Nbaues3NqTNyPjMybE2RER3NA+s9brhiRh4GRyeDuNr8Qhlf/i33QyxU3dl
2/buU8cVJnruHm2XrecUApcIrEaWOGsJ8jPn1fMpipym3GQWJO6iweZDT90/h6lp
7t9EDq3ztcd4z2YZsBJwtAYlPP4TfQZGJs6wc8R7yw==
=dlLS
-----END PGP SIGNATURE-----