diff options
author | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2005-11-01 21:05:04 +0000 |
---|---|---|
committer | james <james@e7ae566f-a301-0410-adde-c780ea21d3b5> | 2005-11-01 21:05:04 +0000 |
commit | 76a59eae43d2a1d08c6dae855b57625008c44cca (patch) | |
tree | 6c438bd05ebb9c7fe48d84c7956c5335fe462d94 /ChangeLog | |
parent | VERSION 2.1_beta5 (diff) | |
download | openvpn-76a59eae43d2a1d08c6dae855b57625008c44cca.tar.xz |
Merged 2.0.4 changes.
svn merge -r 737:749 $SO/trunk/openvpn
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@750 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 16 |
1 files changed, 9 insertions, 7 deletions
@@ -3,9 +3,9 @@ Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net> $Id$ -2005.10.31 -- Version 2.1-beta5 +2005.11.01 -- Version 2.1-beta6 -* Security fix (merged from 2.0.3) -- Affects non-Windows +* Security fix (merged from 2.0.4) -- Affects non-Windows OpenVPN clients of version 2.0 or higher which connect to a malicious or compromised server. A format string vulnerability in the foreign_option function in options.c @@ -19,11 +19,13 @@ $Id$ and (c) the client indicates its willingness to accept pushed options from the server by having "pull" or "client" in its configuration file (Credit: Vade79). -* Security fix (merged from 2.0.3) -- Potential DoS vulnerability - on the server in TCP mode. If the TCP server accept() call - returns an error status, the resulting exception handler - may attempt to indirect through a NULL pointer, causing - a segfault. Affects all OpenVPN 2.0 versions. + CVE-2005-3393 +* Security fix -- (merged from 2.0.4) Potential DoS + vulnerability on the server in TCP mode. If the TCP + server accept() call returns an error status, the resulting + exception handler may attempt to indirect through a NULL + pointer, causing a segfault. Affects all OpenVPN 2.0 versions. + CVE-2005-3409 * Fix attempt of assertion at multi.c:1586 (note that this precise line number will vary across different versions of OpenVPN). |