FEDORA-2017-5882331351

security update in Fedora 27 for openvpn

Status: stable 2 years ago

Maintenance release with several minor upstream bugfixes and a security fix related to legacy configurations deploying the deprecated key-method 1 configuration option (CVE-2017-12166). From this update of, OpenVPN will use the lz4 compression library from Fedora instead of the upstream bundled library.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-5882331351

Comments 6

This update has been submitted for testing by dsommers.

auth-token is fixed in this release too!

karma: +1 #1497111: +1 #1497109: +1

This update has been pushed to testing.

Works great! LGTM! =)

karma: +1

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+2
stable threshold: 2
unstable threshold: -1
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 2

0+1 #1497109 CVE-2017-12166 openvpn: Incorrect bounds check in read_key() with 'key-method 1'
0+1 #1497111 CVE-2017-12166 openvpn: Incorrect bounds check in read_key() with 'key-method 1' [fedora-all]

Automated Test Results