openvpn: update to 2.4.11
authorMagnus Kroken <mkroken@gmail.com>
Wed, 21 Apr 2021 20:10:58 +0000 (22:10 +0200)
committerHauke Mehrtens <hauke@hauke-m.de>
Sun, 2 May 2021 12:43:52 +0000 (14:43 +0200)
commit7198ae4cf3a796d4b00f5e9c685a538712c4ae99
treeab1046c6fbd8c3cdfc4c71fc7d8ff7740fd2ed95
parenta8beddcd3462acb62013eccadd4325c84d0114de
openvpn: update to 2.4.11

Fixes two related security vulnerabilities (CVE-2020-15078) which under
very specific circumstances allow tricking a server using delayed
authentication (plugin or management) into returning a PUSH_REPLY before
the AUTH_FAILED message, which can possibly be used to gather
information about a VPN setup.

This release also includes other bug fixes and improvements.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
package/network/services/openvpn/Makefile
package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch