From 6853ab171eff406db8b2451117bae397f926f4d2 Mon Sep 17 00:00:00 2001 From: Matthias Andree Date: Wed, 25 Jan 2023 23:29:50 +0100 Subject: security/openvpn*: update to 2.6.0, keep openvpn25 - copy openvpn to openvpn25, mark as deprecated and to expire March 31 - update openvpn to openvpn 2.6.0, highlights from Frank Lichtenheld's release announcement e-mail, slightly edited: * Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD [14]. * OpenSSL 3 support * Improved handling of tunnel MTU, including support for pushable MTU. * Outdated cryptographic algorithms disabled by default, but there are options to override if necessary. * Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks. * Added --peer-fingerprint mode for a more simplistic certificate setup and verification. * Improved protocol negotiation, leading to faster connection setup. ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.0/Changes.rst --- UPDATING | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'UPDATING') diff --git a/UPDATING b/UPDATING index 5a3589afcb62..da07f5911da4 100644 --- a/UPDATING +++ b/UPDATING @@ -5,6 +5,16 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20230127: + AFFECTS: users of security/openvpn + AUTHOR: mandree@freebsd.org + + OpenVPN has been updated to the new upstream release v2.6.0, which + is quite compatible with v2.5 versions. + + A copy of the latest v2.5.8 port is being kept as security/openvpn25 (or + openvpn25 package) until end of March 2023. + 20230116: AFFECTS: users of sysutils/nut and sysutils/nut-devel AUTHOR: cy@freebsd.org -- cgit v1.2.3