[ubuntu/noble-updates] openvpn 2.6.14-0ubuntu0.24.04.1 (Accepted)

[Nick Rosbrook]

openvpn (2.6.14-0ubuntu0.24.04.1) noble; urgency=medium

  * New upstream version 2.6.14 (LP: #2040467):
    - CVE Fixes:
      + CVE-2025-2704
    - Updates:
      + Send uname() release from client to server as IV_PLAT_VER.
      + Pass --timeout=0 argument to systemd-ask-password, to avoid default
        timeout of 90 seconds.
    - Bug Fixes:
      + Repair source IP selection for --multihome.
      + Allow tls-crypt-v2 to be setup only on initial packet of a session.
      + Fix some missing spaces in messages.
      + Fix parsing of usernames or passwords longer than USER_PASS_LEN on the
        server side to avoid IV variable misparsing and misleading errors.
      + Purge proxy authentication credentials from memory after use (if
        --auth-nocache is in use).
    - See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn26 for
      additional bug fixes and information.
  * Remove patches fixed upstream:
    - d/p/CVE-2025-2704.patch
    [Fixed in 2.6.14]
  * d/t/control: Move to isolation-container to enable armhf/LXD coverage (LP 2104146).

Date: 2025-06-03 13:56:11.268360+00:00
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Signed-By: Nick Rosbrook <nick.rosbrook at canonical.com>
https://launchpad.net/ubuntu/+source/openvpn/2.6.14-0ubuntu0.24.04.1
-------------- next part --------------
Sorry, changesfile not available.