| Anonymous | Login | 2024-04-26 16:42 MDT |
| Main | My View | View Issues | Change Log | Roadmap | Repositories |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||
| 0013151 | ClearOS | openvpn | public | 2017-02-21 09:21 | 2017-04-18 11:48 | ||||
| Reporter | user2 | ||||||||
| Assigned To | user2 | ||||||||
| Priority | high | Severity | major | Reproducibility | always | ||||
| Status | closed | Resolution | fixed | ||||||
| Platform | OS | OS Version | |||||||
| Product Version | |||||||||
| Target Version | 7.3.1 Updates | Fixed in Version | 7.3.1 Updates | ||||||
| Summary | 0013151: Consider pushing through OpenVPN - EPEL override | ||||||||
| Description | The Sweet32 vulnerability exists in OpenVPN. We should consider getting ahead of the curve instead of waiting on an EPEL update. More info: https://sweet32.info/ [^] | ||||||||
| Tags | No tags attached. | ||||||||
| Attached Files | |||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0004831) NickH (developer) 2017-02-21 10:29 edited on: 2017-02-21 14:37 |
I've done some more investigating and reading of https://sweet32.info/ [^] and the OpenVPN site. It looks like the changelog for 2.3.13, https://forums.openvpn.net/viewtopic.php?f=20&t=22742, [^] limits the reneg-bytes to 64MB anyway which would make upgrading OpenVPN not so necessary. I've also posted a question requesting clarifying of the reneg-bytes unit of measure https://forums.openvpn.net/viewtopic.php?f=4&t=23490&e=1 [^] |
|
(0004851) NickH (developer) 2017-02-21 14:40 |
Link fixed to my post in the OpenVPN forum in the previous comment. Summary: - reneg-bytes should be 64000000 and not 64000 (was a typo on their wiki) - Upgrade to 2.4 all round if you can. |
|
(0005371) NickH (developer) 2017-04-14 12:06 |
openvpn-2.4.1-2.el7 has made its way through to epel-unverified. Can this now be pushed into a clearos repo? |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2017-02-21 09:21 | user2 | New Issue | |
| 2017-02-21 09:27 | user2 | Status | new => confirmed |
| 2017-02-21 10:29 | NickH | Note Added: 0004831 | |
| 2017-02-21 14:37 | NickH | Note Edited: 0004831 | View Revisions |
| 2017-02-21 14:40 | NickH | Note Added: 0004851 | |
| 2017-04-14 12:06 | NickH | Note Added: 0005371 | |
| 2017-04-17 12:31 | user2 | Priority | normal => high |
| 2017-04-18 11:47 | user2 | Status | confirmed => resolved |
| 2017-04-18 11:47 | user2 | Fixed in Version | => 7.3.1 Updates |
| 2017-04-18 11:47 | user2 | Resolution | open => fixed |
| 2017-04-18 11:47 | user2 | Assigned To | => user2 |
| 2017-04-18 11:48 | user2 | Status | resolved => closed |
|
Issue History |