From: Thomas Perale via buildroot <buildroot@buildroot.org>
To: Titouan Christophe <titouan.christophe@mind.be>
Cc: Thomas Perale <thomas.perale@mind.be>, buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH for 2025.02.x] package/openvpn: security bump to v2.6.20
Date: Mon, 4 May 2026 16:47:53 +0200 [thread overview]
Message-ID: <20260504144753.10774-1-thomas.perale@mind.be> (raw)
In-Reply-To: <20260430090001.339335-1-titouan.christophe@mind.be>
In reply of:
> See the release notes:
> https://github.com/OpenVPN/openvpn/blob/v2.6.20/Changes.rst
>
> This fixes 2 security issues:
> - CVE-2026-40215:
> race condition in TLS handshake that could lead to leaking of packet
> data from a previous handshake under specific circumstances
> - CVE-2026-35058:
> server ASSERT() on receiving a suitably malformed packet with a valid
> tls-crypt-v2 key
>
> Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Applied to 2025.02.x & 2026.02.x. Thanks
> ---
> package/openvpn/openvpn.hash | 2 +-
> package/openvpn/openvpn.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/package/openvpn/openvpn.hash b/package/openvpn/openvpn.hash
> index 0123babe4b..957537dde6 100644
> --- a/package/openvpn/openvpn.hash
> +++ b/package/openvpn/openvpn.hash
> @@ -1,3 +1,3 @@
> # Locally calculated after checking signature
> -sha256 05cb5fdf1ea33fcba719580b31a97feaa019c4a3050563e88bc3b34675e6fed4 openvpn-2.6.16.tar.gz
> +sha256 952ecee5b911a5353c0a6d40af62a7076c6dea1481ef204ce6d3f10481531315 openvpn-2.6.20.tar.gz
> sha256 edaef632cbb643e4e7a221717a6c441a4c1a7c918e6e4d56debc3d8739b233f6 COPYRIGHT.GPL
> diff --git a/package/openvpn/openvpn.mk b/package/openvpn/openvpn.mk
> index 0175c51d63..a117f6ee8c 100644
> --- a/package/openvpn/openvpn.mk
> +++ b/package/openvpn/openvpn.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -OPENVPN_VERSION = 2.6.16
> +OPENVPN_VERSION = 2.6.20
> OPENVPN_SITE = https://swupdate.openvpn.net/community/releases
> OPENVPN_DEPENDENCIES = host-pkgconf libcap-ng
> OPENVPN_LICENSE = GPL-2.0
> --
> 2.53.0
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
prev parent reply other threads:[~2026-05-04 14:48 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-30 9:00 [Buildroot] [PATCH for 2025.02.x] package/openvpn: security bump to v2.6.20 Titouan Christophe via buildroot
2026-05-04 14:47 ` Thomas Perale via buildroot [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260504144753.10774-1-thomas.perale@mind.be \
--to=buildroot@buildroot.org \
--cc=thomas.perale@mind.be \
--cc=titouan.christophe@mind.be \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox