@ -6,8 +6,8 @@
%bcond_without tests_long
%bcond_without tests_long
Name: openvpn
Name: openvpn
Version: 2.4.2
Version: 2.4.3
Release: 2 %{?prerelease:.%{prerelease}}%{?dist}
Release: 1 %{?prerelease:.%{prerelease}}%{?dist}
Summary: A full-featured SSL VPN solution
Summary: A full-featured SSL VPN solution
URL: https://community.openvpn.net/
URL: https://community.openvpn.net/
Source0: https://swupdate.openvpn.org/community/releases/%{name}-%{version}%{?prerelease:_%{prerelease}}.tar.xz
Source0: https://swupdate.openvpn.org/community/releases/%{name}-%{version}%{?prerelease:_%{prerelease}}.tar.xz
@ -15,16 +15,20 @@ Source1: https://swupdate.openvpn.org/community/releases/%{name}-%{ver
Source2: roadwarrior-server.conf
Source2: roadwarrior-server.conf
Source3: roadwarrior-client.conf
Source3: roadwarrior-client.conf
Source4: README.systemd
Source4: README.systemd
# Upstream signing key
Source6: gpgkey-F554A3687412CFFEBDEFE0A312F5F7B42F2B01E7.gpg
License: GPLv2
License: GPLv2
Group: Applications/Internet
Group: Applications/Internet
BuildRequires: systemd-devel
BuildRequires: systemd-devel
BuildRequires: lzo-devel
BuildRequires: lzo-devel
BuildRequires: lz4-devel
BuildRequires: lz4-devel
BuildRequires: compat- openssl10 -devel
BuildRequires: openssl-devel
BuildRequires: compat-openssl10- pkcs11-helper-devel >= 1.11
BuildRequires: pkcs11-helper-devel >= 1.11
BuildRequires: pam-devel
BuildRequires: pam-devel
# For the perl_default_filter macro
# For the perl_default_filter macro
BuildRequires: perl-macros
BuildRequires: perl-macros
%{?systemd_requires}
BuildRequires: systemd
BuildRequires: systemd-units
BuildRequires: systemd-units
BuildRequires: libselinux-devel
BuildRequires: libselinux-devel
# For /sbin/ip.
# For /sbin/ip.
@ -61,6 +65,7 @@ to similar features as the various script-hooks.
%prep
%prep
gpgv2 --quiet --keyring %{SOURCE6} %{SOURCE1} %{SOURCE0}
%setup -q -n %{name}-%{version}%{?prerelease:_%{prerelease}}
%setup -q -n %{name}-%{version}%{?prerelease:_%{prerelease}}
sed -i -e 's,%{_datadir}/openvpn/plugin,%{_libdir}/openvpn/plugin,' doc/openvpn.8
sed -i -e 's,%{_datadir}/openvpn/plugin,%{_libdir}/openvpn/plugin,' doc/openvpn.8
@ -149,8 +154,9 @@ getent passwd openvpn &>/dev/null || \
%systemd_preun openvpn-server@\*.service
%systemd_preun openvpn-server@\*.service
%postun
%postun
%systemd_postun openvpn-client@\*.service
%systemd_postun_with_restart openvpn-client@\*.service
%systemd_postun openvpn-server@\*.service
%systemd_postun_with_restart openvpn-server@\*.service
%systemd_postun_with_restart openvpn@\*.service
%files
%files
@ -178,6 +184,16 @@ getent passwd openvpn &>/dev/null || \
%changelog
%changelog
* Wed Jun 21 2017 David Sommerseth <dazo@eurephia.org> - 2.4.3-1
- Updating to upstream openvpn-2.4.3
- Fix remotely-triggerable ASSERT() on malformed IPv6 packet {CVE-2017-7508}
- Prevent two kinds of stack buffer OOB reads and a crash for invalid input data {CVE-2017-752
- Fix potential double-free in --x509-alt-username {CVE-2017-7521}
- Fix remote-triggerable memory leaks {CVE-2017-7521}
- Ensure OpenVPN systemd services are restarted upon upgrades
- Verify PGP signature of source tarball as part of package building
- Build against system lz4 library
* Fri May 12 2017 David Sommerseth <dazo@eurephia.org> - 2.4.2-2
* Fri May 12 2017 David Sommerseth <dazo@eurephia.org> - 2.4.2-2
- Install and take ownership of /run/openvpn-{client,server} (rhbz#1444601)
- Install and take ownership of /run/openvpn-{client,server} (rhbz#1444601)
- Install and take ownership of /var/lib/openvpn (rhbz#922786)
- Install and take ownership of /var/lib/openvpn (rhbz#922786)
David Sommerseth
8 years ago