contains a number of bugfixes and minor improvements, plus fixes
for two bugs that have been assigned CVEs:
- CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use
a send buffer after it has been free()d in some circumstances, causing
some free()d memory to be sent to the peer. All configurations using TLS
(e.g. not using --secret) are affected by this issue.
(found while tracking down CVE-2023-46849 / Github #400, #417)
- CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly
restore "--fragment" configuration in some circumstances, leading to
a division by zero when "--fragment" is used. On platforms where
division by zero is fatal, this will cause an OpenVPN crash.
see also https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements
Also adjust files/patch-tests__t_cltsrv.sh because upstream commit
d623aa6c29 conflicts with this patch.
Security: 2fe004f5-83fd-11ee-9f5d-31909fb2f495
Security: CVE-2023-46849
Security: CVE-2023-46850
110af6a7be