daftaupe
commented
3 weeks ago @mneumann thanks for the patch, will take care of it tomorrow. I guess it can also be applied to security/openvpn ?
Closed mneumann closed 3 weeks ago
daftaupe
commented
3 weeks ago @mneumann thanks for the patch, will take care of it tomorrow. I guess it can also be applied to security/openvpn ?
mneumann
commented
3 weeks ago On Mon, Aug 19, 2024 at 12:45:52PM -0700, Pierre-Alain TORET wrote:
@mneumann thanks for the patch, will take care of it tomorrow. I guess it can also be applied to security/openvpn ? @daftaupe The patch applies cleanly to security/openvpn. But I haven't tried compiling it yet, as I saw this message:
openvpn-2.6.9 has known vulnerabilities:
openvpn-2.6.9 is vulnerable:
openvpn -- two security fixes
CVE: CVE-2024-28882
CVE: CVE-2024-5594
WWW: https://vuxml.FreeBSD.org/freebsd/142c538e-b18f-40a1-afac-c479effadd5c.htmlAlso, openssl-3.0 is required and that interferes with the installed openssl-1.1.
-- Reply to this email directly or view it on GitHub: https://github.com/DragonFlyBSD/DeltaPorts/issues/1476#issuecomment-2297318034 You are receiving this because you were mentioned.
Message ID: @.***>
-- Michael Neumann NTECS Consulting www.ntecs.de
daftaupe
commented
3 weeks ago @mneumann pushed as https://github.com/DragonFlyBSD/DeltaPorts/commit/a46a0ff5326fcda496f60dab5ee942f3962129bd for security/openvpn-devel
Re openvpn version, we're working on 2024Q1 at the moment. Hopefully we'll get a newer version with 2024Q3 soon :)
I was able to compile security/openvpn without issues using dsynth :) So I also pushed https://github.com/DragonFlyBSD/DeltaPorts/commit/f1b174e0eddbe3b2c727fc3d61c02fb229de7ee4
Thanks for the fix !
It works with attached patch.
0001-Fix-OpenVPN-devel-in-regards-of-tun-device.patch.txt