Removing focal as it has reached the final 2.4.x version

** Description changed:

- Backport openvpn to focal, jammy and noble once the update for oracular
- has been completed.
+ This bug tracks an update for the OpenVPN package, moving to versions:
  
- <List exact versions being upgraded from and to for each release>
+ * Noble (24.04): openvpn 2.6.12
+ * Jammy (22.04): openvpn 2.5.11
  
- [Impact]
- TBD
+ These updates include bug fixes following the SRU policy exception
+ defined at https://wiki.ubuntu.com/OpenVPNUpdates.
  
- <List bug links to former cases of SRU backports for this package>[Major 
Changes]
- TBD
+ [Upstream changes]
+ 
+ Changes from 2.6.9 to 2.6.12 include:
+ 
+ CVE Fixes:
+ 
+ CVE-2024-4877
+ CVE-2024-5594
+ CVE-2024-28882
+ CVE-2024-27459
+ CVE-2024-24974
+ CVE-2024-27903
+ 
+ Updates:
+ 
+ Allow trailing \r and \n in control channel message
+ Implement --server-poll-timeout on SOCKS proxies
+ Implement Windows CA template match for Crypto-API selector
+ Update sample configuration files
+ Update systemd unit file documentation references
+ Remove After=syslog.target in suggested systemd service files
+ 
+ Bug Fixes:
+ 
+ Fix issue with proxy credentials caching
+ Fix LibreSSL crashing when enumerating digests/cipher with workaround
+ Use snprintf instead of sprintf for get_ssl_library_version
+ Fix disabling DCO when proxy is set via management interface
+ 
+ Looking through each commit from the release of 2.6.9 to 2.6.12, I could
+ not find any backwards-incompatible changes. There are minor changes to
+ the user experience though. As listed in the updates section, --server-
+ poll-timeout now works for SOCKS proxies. Some documentation has changed
+ too. None of the commits should affect existing configurations though.
+ 
+ Full release notes for versions 2.6.9-2.6.12:
+ https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn26
+ 
+ Changes from 2.5.9 to 2.5.11 include:
+ 
+ CVE-2024-5594
+ CVE-2024-27459
+ CVE-2024-24974
+ CVE-2024-27903
+ 
+ Updates:
+ 
+ Allow trailing \r and \n in control channel message
+ 
+ 2.5.x updates are less common, focusing on CVE fixes. Going commit by
+ commit here, no backwards-incompatible changes exist.
+ 
+ Full release notes for versions 2.5.9-2.5.11:
+ https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn25
  
  [Test Plan]
- <Link to wiki SRU backport page>TBD
+ 
+ DEP-8 Tests:
+ server-setup-with-ca - creates and tests an OpenVPN server setup with its own 
certificate authority
+ server-setup-with-static-key - creates and tests an OpenVPN server setup 
using a static key for authentication
  
  [Regression Potential]
- Upstream has an extensive build and integration test suite. So regressions 
would likely arise from a change in interaction with Ubuntu-specific 
integrations, such as in relation to the versions of dependencies available and 
other packaging-specific matters.
- <Also, ...>
+ 
+ Upstream has an extensive build and integration test suite. So
+ regressions would likely arise from a change in interaction with Ubuntu-
+ specific integrations. This would most likely include the change of
+ behavior for --server-poll-timeout and allowing \r and \n in control
+ channel messages.

** Summary changed:

- Backport of openvpn for focal, jammy and noble
+ Backport of openvpn for jammy and noble

** No longer affects: openvpn (Ubuntu Focal)

** Changed in: openvpn (Ubuntu Jammy)
       Status: New => In Progress

** Changed in: openvpn (Ubuntu Noble)
       Status: New => In Progress

** Changed in: openvpn (Ubuntu)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2073318

Title:
  Backport of openvpn for jammy and noble

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/2073318/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to