Message ID | 20211227201616.13315-1-gert@greenie.muc.de |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel,v2] fix Changes.rst errors in 2.5.3 and 2.5.5 announcement | expand |
Acked-By: Selva Nair <selva.nair@gmail.com> On Mon, Dec 27, 2021 at 3:17 PM Gert Doering <gert@greenie.muc.de> wrote: > > - 2.5.3 had a typo in the CVE ID (CVE-2121-3606 should be -2021-) > - 2.5.5 had windows paths with backslashes, which need to be doubled > > (CVE ID typo also reported by "@attritionorg" in Github PR 165) > > v2: SSL -> ssl, and .cfg -> .cnf > > Signed-off-by: Gert Doering <gert@greenie.muc.de> > --- > Changes.rst | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/Changes.rst b/Changes.rst > index b6f98d51..4e4f2018 100644 > --- a/Changes.rst > +++ b/Changes.rst > @@ -18,8 +18,8 @@ New features > - Windows build: use CFG and Spectre mitigations on MSVC builds > > - bring back OpenSSL config loading to Windows builds. > - OpenSSL config is loaded from %installdir%\SSL\openssl.cfg > - (typically: c:\program files\openvpn\SSL\openssl.cfg) if it exists. > + OpenSSL config is loaded from %installdir%\\ssl\\openssl.cnf > + (typically: c:\\program files\\openvpn\\ssl\\openssl.cnf) if it exists. > > This is important for some hardware tokens which need special > OpenSSL config for correct operation. Trac #1296 > @@ -102,7 +102,7 @@ Overview of changes in 2.5.3 > ============================ > Bugfixes > -------- > -- CVE-2121-3606 > +- CVE-2021-3606 > see https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements > > OpenVPN windows builds could possibly load OpenSSL Config files from -- Selva
Patch has been applied to the release/2.5 branch. commit e3bac09f6a128260e23d94463862757b576a12c3 Author: Gert Doering Date: Mon Dec 27 21:16:16 2021 +0100 fix Changes.rst errors in 2.5.3 and 2.5.5 announcement Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Selva Nair <selva.nair@gmail.com> Message-Id: <20211227201616.13315-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/search?l=mid&q=20211227201616.13315-1-gert@greenie.muc.de Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/Changes.rst b/Changes.rst index b6f98d51..4e4f2018 100644 --- a/Changes.rst +++ b/Changes.rst @@ -18,8 +18,8 @@ New features - Windows build: use CFG and Spectre mitigations on MSVC builds - bring back OpenSSL config loading to Windows builds. - OpenSSL config is loaded from %installdir%\SSL\openssl.cfg - (typically: c:\program files\openvpn\SSL\openssl.cfg) if it exists. + OpenSSL config is loaded from %installdir%\\ssl\\openssl.cnf + (typically: c:\\program files\\openvpn\\ssl\\openssl.cnf) if it exists. This is important for some hardware tokens which need special OpenSSL config for correct operation. Trac #1296 @@ -102,7 +102,7 @@ Overview of changes in 2.5.3 ============================ Bugfixes -------- -- CVE-2121-3606 +- CVE-2021-3606 see https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements OpenVPN windows builds could possibly load OpenSSL Config files from
- 2.5.3 had a typo in the CVE ID (CVE-2121-3606 should be -2021-) - 2.5.5 had windows paths with backslashes, which need to be doubled (CVE ID typo also reported by "@attritionorg" in Github PR 165) v2: SSL -> ssl, and .cfg -> .cnf Signed-off-by: Gert Doering <gert@greenie.muc.de> --- Changes.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)