On Fri, May 12, 2017 at 04:13:53PM +0200, Raphael Hertzog wrote: > Hi, > > On Fri, 12 May 2017, Chris Lamb wrote: > > The Debian LTS team would like to fix the security issues which are > > currently open in the Wheezy version of openvpn: > > https://security-tracker.debian.org/tracker/source-package/openvpn > > I have just prepared an update based on the upstream patches posted > here: > https://sourceforge.net/p/openvpn/mailman/message/35835703/ > > You can find the updated package here: > dget > https://people.debian.org/~hertzog/packages/openvpn_2.2.1-8+deb7u4_amd64.changes > > I don't have any wheezy-based OpenVPN setup that I can use to test that > this update did not introduce any regression. So it would be nice if some > LTS users could grab the above package, update their system and let me > know their findings. It should be relatively safe but one never knows... > > Thank you!
Hi, I'm sorry I did not see this before, since I had packages ready for Wheezy, Jessie and Stretch already. I contacted securit@d.o yesterday but their reply arrived late at night (instructing me to contact LTS about the Wheezy package). >From a quick review, the patches you applied are basically the ones in my package, so I guess they must be OK. I only have one OpenVPN server running Wheezy these days but I cannot test this until tomorrow (under heavy use right now). If that's fine with you I'll come back with news. Regards, Alberto -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico mailto/sip: a...@inittab.org | en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
