mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 17:59:59 +00:00
Yi Zhao
8f9b4e04b1
License-Update: Update copyright years to 2024 ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.10/Changes.rst Security fixes: CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation. CVE-2024-24974: Windows: disallow access to the interactive service pipe from remote computers. CVE-2024-27903: Windows: disallow loading of plugins from untrusted installation paths, which could be used to attack openvpn.exe via a malicious plugin. Plugins can now only be loaded from the OpenVPN install directory, the Windows system directory, and possibly from a directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir. CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in !TapSharedSendPacket. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>