[Buildroot] [PATCH for 2025.02.x] package/openvpn: security bump to v2.6.20
Thomas Perale
thomas.perale at mind.be
Mon May 4 14:47:53 UTC 2026
In reply of:
> See the release notes:
> https://github.com/OpenVPN/openvpn/blob/v2.6.20/Changes.rst
>
> This fixes 2 security issues:
> - CVE-2026-40215:
> race condition in TLS handshake that could lead to leaking of packet
> data from a previous handshake under specific circumstances
> - CVE-2026-35058:
> server ASSERT() on receiving a suitably malformed packet with a valid
> tls-crypt-v2 key
>
> Signed-off-by: Titouan Christophe <titouan.christophe at mind.be>
Applied to 2025.02.x & 2026.02.x. Thanks
> ---
> package/openvpn/openvpn.hash | 2 +-
> package/openvpn/openvpn.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/package/openvpn/openvpn.hash b/package/openvpn/openvpn.hash
> index 0123babe4b..957537dde6 100644
> --- a/package/openvpn/openvpn.hash
> +++ b/package/openvpn/openvpn.hash
> @@ -1,3 +1,3 @@
> # Locally calculated after checking signature
> -sha256 05cb5fdf1ea33fcba719580b31a97feaa019c4a3050563e88bc3b34675e6fed4 openvpn-2.6.16.tar.gz
> +sha256 952ecee5b911a5353c0a6d40af62a7076c6dea1481ef204ce6d3f10481531315 openvpn-2.6.20.tar.gz
> sha256 edaef632cbb643e4e7a221717a6c441a4c1a7c918e6e4d56debc3d8739b233f6 COPYRIGHT.GPL
> diff --git a/package/openvpn/openvpn.mk b/package/openvpn/openvpn.mk
> index 0175c51d63..a117f6ee8c 100644
> --- a/package/openvpn/openvpn.mk
> +++ b/package/openvpn/openvpn.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -OPENVPN_VERSION = 2.6.16
> +OPENVPN_VERSION = 2.6.20
> OPENVPN_SITE = https://swupdate.openvpn.net/community/releases
> OPENVPN_DEPENDENCIES = host-pkgconf libcap-ng
> OPENVPN_LICENSE = GPL-2.0
> --
> 2.53.0
>
> _______________________________________________
> buildroot mailing list
> buildroot at buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
More information about the buildroot
mailing list