mirror of
https://github.com/openwrt/packages.git
synced 2025-12-17 16:11:21 +00:00
04d25b2bc1
This is a bugfix release containing several security fixes. Security fixes -------------- - CVE-2024-4877: Windows: harden interactive service pipe. Security scope: a malicious process with "some" elevated privileges could open the pipe a second time, tricking openvn GUI into providing user credentials (tokens), getting full access to the account openvpn-gui.exe runs as. - CVE-2024-5594: control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU load. - CVE-2024-28882: only call schedule_exit() once (on a given peer). Security scope: an authenticated client can make the server "keep the session" even when the server has been told to disconnect this client Bug fixes --------- - fix connect timeout when using SOCKS proxies - work around LibreSSL crashing on OpenBSD 7.5 when enumerating ciphers - Add bracket in fingerprint message and do not warn about missing verification For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.11/Changes.rst Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
437 B
437 B