-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 01 Jul 2026 22:20:55 +0200 Source: openvpn Binary: openvpn openvpn-dbgsym Architecture: ppc64el Version: 2.6.14-0+deb12u2 Distribution: bookworm-security Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-osuosl-02) Changed-By: Bernhard Schmidt Description: openvpn - virtual private network daemon Changes: openvpn (2.6.14-0+deb12u2) bookworm-security; urgency=high . * Cherry-pick upstream security patches from the 2.6.21 release - CVE-2026-12996: Fix use-after-free bug in ack_write_buf(), triggerable by a well-timed sequence of control channel + authentication packets - CVE-2026-13117: Fix use-after-free bug in tls_wrap_reneg(), triggerable by suitable sequence of dynamic tls-crypt control-channel packets - CVE-2026-13122: Fix server crash on reception of suitably malformed auth-token, if --auth-gen-token external-auth is active - CVE-2026-12932: Fix memory-leak in tls-crypt-v2 client key handling that could lead to out-of-memory situations and subsequent server crashes - CVE-2026-11771: Fix possible 1-byte buffer overrun on NTLMv2 proxy responses. - CVE-2026-13698: Fix another memory leak on reception of suitable tls-crypt-v2 packets that could lead to an out of memory situation and server crash Checksums-Sha1: 3570a8d246b570f250db7e753a3c2e814d4195c2 1306936 openvpn-dbgsym_2.6.14-0+deb12u2_ppc64el.deb d81dd68ff7a4bc3e6a45ca619b763ab28c8e0bf4 7867 openvpn_2.6.14-0+deb12u2_ppc64el-buildd.buildinfo 97f784d548efb35cfc91424a98e6cf5e49b18658 691032 openvpn_2.6.14-0+deb12u2_ppc64el.deb Checksums-Sha256: 15a7dd57f00b7da19e01951eab627b581cb801cde707c235d1a4af19e9b6614c 1306936 openvpn-dbgsym_2.6.14-0+deb12u2_ppc64el.deb 078384430d62fb65bc7231b5a0db240124751a08ee963882f79215a9ce2ea8c0 7867 openvpn_2.6.14-0+deb12u2_ppc64el-buildd.buildinfo c881ba4ae5e67b0f9b7e0b1b73d4b2ef61e9bcdf7f8bf9e53ca26c21076a7050 691032 openvpn_2.6.14-0+deb12u2_ppc64el.deb Files: 9324600dc49a952276d217f4ec60bc6b 1306936 debug optional openvpn-dbgsym_2.6.14-0+deb12u2_ppc64el.deb f500e31319e62fe7a35543650526b7ce 7867 net optional openvpn_2.6.14-0+deb12u2_ppc64el-buildd.buildinfo 61fe8132106a7d869158cc3cf4b8eee8 691032 net optional openvpn_2.6.14-0+deb12u2_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE9ibmwdV9gdKNbK7oV8ucRsMTpuMFAmpG5rQACgkQV8ucRsMT puMZOw//SROlILClXGtY419xiYDA+THxoamnLdn9ZCYGfPIF1UF9/6B9GTQRdDg0 Afgt/lEhL3Y7hKC1XtmVyOVJO9Fc1LIalHhUm/jgWTJxGsj0QBuJCSLDfpHzofZ5 7SgXoThluUfZKCtLuW+l8se4HgYnFtj4X2YxoZAG74UpJ8kNhrmpcsKF8BvUzqe+ M2ufbj1KUgo6myHhARc4HE4bFPXTS9Nbxj6McaHd72gNPb7+WJ/yvI5lb2pd+CxA CQ7SHNXXiEH8T5/rvgCyDT8Tt5gnPeUv71evQ+6pRk9aNwUWte5d2Ztr5WMr1s7u ysRjjcBoJliqqAroeeeZXdD9IOcp3fhgSFPNXgdIfXBKHcbu/Ttxm9a2z2TOdG9y BNm3x2Whk+w3txmptlQ126GCxnkEHK+NnbaWuJ/krR6j0MgOFNl89vDIj0uKcm4e cmnGoVuY1fAatHL1MLiKm556N78Zlv/XUHibIp10CrYpjb0CuQPTqISab3ZO5ACX J8ilxGVkuhUHPOTvCx/z4nQ+Y7yjNwGJmirMmtbF2e5CDVC4afrjAwZT+09IG8Tb lLm6MP7v7Cln6Znj5fIczlBSe2nKeySSCZ6OJTDwFB2xsMsQLg73Y9fnHSwKOcG4 MZBx6PMYph5rGpi+18AxNojbA/gDpUJanmkFhqIte2BkKSqs4z0= =k+oc -----END PGP SIGNATURE-----