Message ID | 20211227111504.31173-1-gert@greenie.muc.de |
---|---|
State | Changes Requested |
Headers | show |
Series | [Openvpn-devel] fix Changes.rst errors in 2.5.3 and 2.5.5 announcement | expand |
Hi On Mon, Dec 27, 2021 at 6:16 AM Gert Doering <gert@greenie.muc.de> wrote: > > - 2.5.3 had a typo in the CVE ID (CVE-2121-3606 should be -2021-) > - 2.5.5 had windows paths with backslashes, which need to be doubled > > (CVE ID typo also reported by "@attritionorg" in Github PR 165) > > Signed-off-by: Gert Doering <gert@greenie.muc.de> > --- > Changes.rst | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/Changes.rst b/Changes.rst > index b6f98d51..3d484318 100644 > --- a/Changes.rst > +++ b/Changes.rst > @@ -18,8 +18,8 @@ New features > - Windows build: use CFG and Spectre mitigations on MSVC builds > > - bring back OpenSSL config loading to Windows builds. > - OpenSSL config is loaded from %installdir%\SSL\openssl.cfg > - (typically: c:\program files\openvpn\SSL\openssl.cfg) if it exists. > + OpenSSL config is loaded from %installdir%\\SSL\\openssl.cfg > + (typically: c:\\program files\\openvpn\\SSL\\openssl.cfg) if it exists. "openssl.cfg" --> "openssl.cnf" please (x2) Also, we use "ssl" instead of "SSL" in the source (win32.c). If the installer also creates the folder as "ssl" it is arguably "more correct" to use the lowercase name in documentation as that's how it will show up in the file system. I haven't checked what case the installer uses. Just nit-picking. Selva
diff --git a/Changes.rst b/Changes.rst index b6f98d51..3d484318 100644 --- a/Changes.rst +++ b/Changes.rst @@ -18,8 +18,8 @@ New features - Windows build: use CFG and Spectre mitigations on MSVC builds - bring back OpenSSL config loading to Windows builds. - OpenSSL config is loaded from %installdir%\SSL\openssl.cfg - (typically: c:\program files\openvpn\SSL\openssl.cfg) if it exists. + OpenSSL config is loaded from %installdir%\\SSL\\openssl.cfg + (typically: c:\\program files\\openvpn\\SSL\\openssl.cfg) if it exists. This is important for some hardware tokens which need special OpenSSL config for correct operation. Trac #1296 @@ -102,7 +102,7 @@ Overview of changes in 2.5.3 ============================ Bugfixes -------- -- CVE-2121-3606 +- CVE-2021-3606 see https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements OpenVPN windows builds could possibly load OpenSSL Config files from
- 2.5.3 had a typo in the CVE ID (CVE-2121-3606 should be -2021-) - 2.5.5 had windows paths with backslashes, which need to be doubled (CVE ID typo also reported by "@attritionorg" in Github PR 165) Signed-off-by: Gert Doering <gert@greenie.muc.de> --- Changes.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)