All comments and questions related to the functionality of the OpenVPN web pages and forum should go here.
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
4367be43a437994fbb137d596406b05c
- OpenVpn Newbie
- Posts: 1
- Joined: Thu May 18, 2017 12:00 pm
Post
by 4367be43a437994fbb137d596406b05c » Thu May 18, 2017 12:21 pm
Downloading
http://swupdate.openvpn.net/community/r ... .15.tar.xz from different locations in Germany gives me a file with MD5 sum fcc00e0c7650a260a606b84d41dda9fa. Downloading the same file from Switzerland gives me a MD5 4367be43a437994fbb137d596406b05c.
Here is the diff:
Code: Select all
diff -r openvpn-2.3.15-de/ChangeLog openvpn-2.3.15-ch/ChangeLog
18c18
< Steffan Karger (6):
---
> Steffan Karger (5):
24d23
< Don't assert out on receiving too-large control packets (CVE-2017-7478)
Only in openvpn-2.3.15-de/sample/sample-plugins/defer: Makefile~
Only in openvpn-2.3.15-de/sample/sample-plugins/defer: defer-w-pf.o
Only in openvpn-2.3.15-de/sample/sample-plugins/defer: defer-w-pf.so
Only in openvpn-2.3.15-de/sample/sample-plugins/defer: test.c~
Only in openvpn-2.3.15-de/sample/sample-plugins/log: log_v3.o
Only in openvpn-2.3.15-de/sample/sample-plugins/log: log_v3.so
Only in openvpn-2.3.15-de/sample/sample-plugins/simple: base64.o
Only in openvpn-2.3.15-de/sample/sample-plugins/simple: base64.so
diff -r openvpn-2.3.15-de/src/openvpn/ssl.c openvpn-2.3.15-ch/src/openvpn/ssl.c
3228,3233c3228
< if (!buf_copy (in, buf))
< {
< msg (D_MULTI_DROPPED,
< "Incoming control channel packet too big, dropping.");
< goto error;
< }
---
> ASSERT (buf_copy (in, buf));
That looks quite obvious like a mistake, but it should be documented somewhere.
-
dazo
- OpenVPN Inc.
- Posts: 155
- Joined: Mon Jan 11, 2010 10:14 am
- Location: dazo :: #openvpn-devel @ libera.chat
Post
by dazo » Thu May 18, 2017 1:16 pm
Yes, unfortunately we managed to make a real mess with the v2.3.15 tarballs. This was a big mistake, and we are truly sorry for that. We were made aware of these issues quite recently.
We're now in the middle of fixing this, so please do await further updates on this thread.
-
dazo
- OpenVPN Inc.
- Posts: 155
- Joined: Mon Jan 11, 2010 10:14 am
- Location: dazo :: #openvpn-devel @ libera.chat
Post
by dazo » Tue Nov 14, 2017 2:55 pm
This got resolved ages ago, and the latest releases are 2.3.18 and 2.4.4. So this is no longer an issue and have been resolved.
For latest updates, please see here:
https://openvpn.net/index.php/open-sour ... loads.html