-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 21 Nov 2025 00:45:17 +0100 Source: openvpn Binary: openvpn openvpn-dbgsym Architecture: riscv64 Version: 2.6.14-1+deb13u1 Distribution: trixie-security Urgency: medium Maintainer: riscv64 Build Daemon (rv-osuosl-04) Changed-By: Bernhard Schmidt Description: openvpn - virtual private network daemon Closes: 1114249 1121086 Changes: openvpn (2.6.14-1+deb13u1) trixie-security; urgency=medium . * Cherry-pick patches for CVE-2025-13086 - check-message-id.patch: Check message id/acked ids too when doing sessionid cookie checks - bugfix for floating client problem, code prequesite for the CVE patch to apply - CVE-2025-13086.patch: Fix memcmp check for the hmac verification in the 3way handshake being inverted (Closes: #1121086) * fix-ftbfs-kernel-6.16.patch: Fix compilation against 6.16+ kernel headers (Closes: #1114249) * d/gbp.conf: set debian-branch for trixie Checksums-Sha1: 9af2fd85a89d8a730b12926745a9bc8fa442d6ce 1192200 openvpn-dbgsym_2.6.14-1+deb13u1_riscv64.deb 0e736e549ceabcbeaeb3fa84c9686a2dd85fd9ac 7049 openvpn_2.6.14-1+deb13u1_riscv64-buildd.buildinfo a5aa1a5a3c641aaeed42b509508e3f9c4f782829 668880 openvpn_2.6.14-1+deb13u1_riscv64.deb Checksums-Sha256: 66e16655eb625d15f7dccb2c6d325b638d04dd8efa5c4f8e44bdaaf2a3fba370 1192200 openvpn-dbgsym_2.6.14-1+deb13u1_riscv64.deb 43e648a0469e261db08c608b175c2ff573661c41f4c0274ae9577bf70af8c04b 7049 openvpn_2.6.14-1+deb13u1_riscv64-buildd.buildinfo 330d6965f843efa91b26a84c09c587306a896714974edd28941038ea7c4d5526 668880 openvpn_2.6.14-1+deb13u1_riscv64.deb Files: 0d4b9f34e44e6f77f080d3717989b993 1192200 debug optional openvpn-dbgsym_2.6.14-1+deb13u1_riscv64.deb 541eeac8799331cd428d08af62f4647c 7049 net optional openvpn_2.6.14-1+deb13u1_riscv64-buildd.buildinfo e6f74091794d39ae25d619ab7540034c 668880 net optional openvpn_2.6.14-1+deb13u1_riscv64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXdYE8jIyQrcTUoLjqveDaIZPrEcFAmksy70ACgkQqveDaIZP rEfBpw/7BiTUsyX3i99POfDd++LQbIWORu1+sPkgrDrU1XHI7ulAEhhJSKywGDEG MCzoxdWyVqc44gggr3FwdwoSbF7PC4AVqTYBlXHDyxcFOmFwgrD7rGAMkP5bthUb tdjbcdmR++0dh270jc4k8E5YC97ZBftWDo0xE9iqTjANFglFkMZyzDTWdmwK3xjM 4w7OrxMsIheR07gpnCJL9jsT8Vz/aW3V1Fr0zPIyOhDTeOdcCezGl15GySu25sVz 44YGRxZZIDBQ0buy9ru5vjL8M7CmkfhQyPb2T11nL8yurgrvefWNSAKWqY7iteBo 17GfW2kHHo4tOm5dwQsQliBimCm5O467T2XPXFRQBTp/h4sgltofuqJy9+tpHK2a weJsNKwu2987LQOa+6Z1x8c0rnab2VjZgaOZqH/3F42lw9yP1OxtkJ1r2z9Zs9vK nhecRx1R9FEke0JyjaZJlIXt6qgRql6F+dnMAxZAPtL3IWsHTZN2oO2/PAMcJl4D Fzh2zcHW+I+d9z3gaCmBUhbIx3YWgOBrfZ9aAFBFKHBwar3GUKffT9cwdLBZRjx9 inzu0L/UF873iAVUZ8AmTWdhL2PGk3YebMb3ls5+YxHhpf7MErFVfiMUi4e42TWl lPEpU6+3wsHR36sWXr5O8VZuLQ/EOvKZN7xKNJayNpd4OKx46GM= =jUuo -----END PGP SIGNATURE-----