FEDORA-EPEL-2017-c9f915d837 created by dsommers 2 years ago for Fedora EPEL 7
stable

This update brings in the latest OpenVPN v2.4.2 release. This release contains fixes for two authenticated remote DoS vulnerabilities (CVE-2017-7478 and CVE-2017-7479).

For more information see the upstream security announcement.

Also added a few fixes, related to package and own some run/shared state directories.

This update has been submitted for testing by dsommers.

2 years ago

dsommers edited this update.

New build(s):

  • openvpn-2.4.2-2.el7

Removed build(s):

  • openvpn-2.4.2-1.el7

Karma has been reset.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon fkooman provided feedback 2 years ago
karma
BZ#1444601 OpenVPN fails to launch due to missing /var/run directory
User Icon randomvariable commented & provided feedback 2 years ago
karma

Update passes tests within local Puppet runs. New directory locations confirmed.

BZ#922786 New directory for openvpn variable data /var/lib/openvpn/ request
BZ#1444601 OpenVPN fails to launch due to missing /var/run directory

This update has been submitted for stable by bodhi.

2 years ago
User Icon dsommers commented & provided feedback 2 years ago

This update was prepared before the proper CVE bugzillas were created, but here is the reference to them.

#1450993 - CVE-2017-7478 openvpn: Unauthenticated DoS via large control packets

#1450997 - CVE-2017-7479 openvpn: DoS due to exhaustion of packet-ID counter

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-1
Stable by Karma
2
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
modified
2 years ago
BZ#922786 New directory for openvpn variable data /var/lib/openvpn/ request
0
1
BZ#1444601 OpenVPN fails to launch due to missing /var/run directory
0
2

Automated Test Results