stable

openvpn-2.4.2-1.fc26

FEDORA-2017-89d98779ec created by dsommers 6 years ago for Fedora 26

This update brings in the latest OpenVPN v2.4.2 release. This release contains fixes for two authenticated remote DoS vulnerabilities (CVE-2017-7478 and CVE-2017-7479). For more information see the upstream security announcement.

This build also switches back to OpenSSL 1.0, using compat-openssl10 and compat-openssl10-pkcs11-helper. This is temporarily until full OpenSSL 1.1 support have arrived OpenVPN. This should also resolve a lot of issues with features missing or not working properly with mbed TLS.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2017-89d98779ec

This update has been submitted for testing by dsommers.

6 years ago
User Icon renault commented & provided feedback 6 years ago
karma

It works, MD5 bug fixed

BZ#1443749 No MD5 support available

This update has been pushed to testing.

6 years ago
User Icon besser82 commented & provided feedback 6 years ago
karma

Works great! LGTM! =)

User Icon cserpentis commented & provided feedback 6 years ago
karma

works for me in a VM

This update has been submitted for stable by bodhi.

6 years ago
User Icon anonymous commented & provided feedback 6 years ago

Work for me

This update has been pushed to stable.

6 years ago
User Icon dsommers commented & provided feedback 6 years ago

This update was prepared before the proper CVE bugzillas were created, but here is the reference to them.

#1450993 - CVE-2017-7478 openvpn: Unauthenticated DoS via large control packets

#1450997 - CVE-2017-7479 openvpn: DoS due to exhaustion of packet-ID counter


Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
6 years ago
in testing
6 years ago
in stable
6 years ago
BZ#1432125 SELinux is preventing systemd from 'create' accesses on the unix_stream_socket Unknown.
0
0
BZ#1440468 OpenVPN 2.4 in F26 lacks --pkcs12 support when built against mbed TLS
0
0
BZ#1443749 No MD5 support available
0
1
BZ#1443942 enable the x509-username-field option
0
0

Automated Test Results