Hello community, here is the log from the commit of package openvpn checked in at Thu Apr 20 17:52:01 CEST 2006. -------- --- openvpn/openvpn.changes 2006-01-25 21:39:08.000000000 +0100 +++ STABLE/openvpn/openvpn.changes 2006-04-19 13:11:40.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Apr 19 13:10:56 CEST 2006 - poeml@suse.de + +- security fix (CVE-2006-1629): disallow "setenv" to be pushed to + clients from the server [#165123] + +------------------------------------------------------------------- New: ---- openvpn-2.0.5-CVE-2006-1629.dif ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openvpn.spec ++++++ --- /var/tmp/diff_new_pack.5jlQsd/_old 2006-04-20 17:51:44.000000000 +0200 +++ /var/tmp/diff_new_pack.5jlQsd/_new 2006-04-20 17:51:44.000000000 +0200 @@ -1,11 +1,11 @@ # # spec file for package openvpn (Version 2.0.5) # -# Copyright (c) 2005 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # -# Please submit bugfixes or comments via http://www.opensuse.org/Submit_a_bug +# Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild @@ -18,11 +18,12 @@ Autoreqprov: on PreReq: %insserv_prereq %fillup_prereq Version: 2.0.5 -Release: 1 +Release: 11 Summary: Create VPN over Wireless and Ethernet Networks using a Tun Device Source: http://openvpn.net/release/openvpn-%{version}.tar.bz2 Source2: openvpn.init Source3: openvpn-README.SUSE +Patch1: openvpn-2.0.5-CVE-2006-1629.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -36,6 +37,7 @@ %prep %setup +%patch1 -p1 %build autoreconf -fi 
@@ -91,6 +93,9 @@ %dir /var/run/openvpn %changelog -n openvpn +* Wed Apr 19 2006 - poeml@suse.de +- security fix (CVE-2006-1629): disallow "setenv" to be pushed to + clients from the server [#165123] * Wed Jan 25 2006 - mls@suse.de - converted neededforbuild to BuildRequires * Thu Nov 03 2005 - poeml@suse.de ++++++ openvpn-2.0.5-CVE-2006-1629.dif ++++++ diff -uNr openvpn-2.0.5.orig/init.c openvpn-2.0.5/init.c --- openvpn-2.0.5.orig/init.c 2005-11-01 20:27:45.000000000 +0100 +++ openvpn-2.0.5/init.c 2006-04-19 13:09:14.422301268 +0200 @@ -951,7 +951,6 @@ return ( OPT_P_UP | OPT_P_ROUTE | OPT_P_IPWIN32 - | OPT_P_SETENV | OPT_P_SHAPER | OPT_P_TIMER | OPT_P_PERSIST ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun...
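Review bot: In the openvpn.changes hunk (@@ -1,0 +2,6 @@), the new entry says "setenv" may no longer be pushed but does not tell administrators that this changes behaviour for existing setups. Servers that push setenv today will stop having any effect on clients built from this package, so the entry should say so, for example "pushed setenv options are no longer honoured by the client; set them in the local client configuration instead". The same wording would then belong in the %changelog copy in openvpn.spec.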
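Review bot: In the openvpn.spec hunk (@@ -18,11 +18,12 @@), the added "Patch1: openvpn-2.0.5-CVE-2006-1629.dif" line has no comment on where the fix comes from. A one-line comment above it stating whether this is an upstream change or a SUSE-local one would tell the next packager whether the patch can be dropped when Version moves past 2.0.5. The "%patch1 -p1" level does match the "openvpn-2.0.5.orig/init.c" and "openvpn-2.0.5/init.c" headers in the .dif.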
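Review bot: In the init.c hunk of openvpn-2.0.5-CVE-2006-1629.dif (@@ -951,7 +951,6 @@), "| OPT_P_SETENV" is dropped from the returned mask with nothing in the code marking the omission as deliberate, so a later cleanup could quietly put it back. Add a comment above the "return (" stating that OPT_P_SETENV is intentionally excluded from what a server may push, with the CVE-2006-1629 reference. The patch touches only this mask, so it is also worth confirming in review that a client receiving a pushed setenv reports it in the log rather than dropping it silently, and that the classes left in the mask (OPT_P_UP, OPT_P_ROUTE, OPT_P_IPWIN32 and the rest) were looked at with the same question in mind.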