FEDORA-2017-2aa4d11993

security update in Fedora 25 for openvpn

Status: stable 2 years ago

Maintenance release with several minor upstream bugfixes and a security fix related to legacy configurations deploying the deprecated key-method 1 configuration option (CVE-2017-12166). From this update of, OpenVPN will use the lz4 compression library from Fedora instead of the upstream bundled library.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-2aa4d11993

Comments 8

This update has been submitted for testing by dsommers.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

works for me in a VM

karma: +1

no regressions noted

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+2
stable threshold: 2
unstable threshold: -1
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 2

00 #1497109 CVE-2017-12166 openvpn: Incorrect bounds check in read_key() with 'key-method 1'
00 #1497111 CVE-2017-12166 openvpn: Incorrect bounds check in read_key() with 'key-method 1' [fedora-all]

Automated Test Results