Diffusion FreeBSD ports repository rP531963

MFH: r531957
rP531963
Actions

Description

MFH: r531957

security/openvpn: update to 2.4.9 (also for -mbedtls slave port)

At the same time, remove ASYNC_PUSH_LIBS workaround from [1].

Changelog (high-level):
https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst#version-249

Git changelog, marking the three fixes that were already in 2.4.8_3
as cherry-picks with a 1, 2, or 3 instead of "*" to correspond
with the PORTREVISION, and those with "-" that are specific to other systems,
say, Windows.

9b0dafca 2020-04-16 | Preparing release v2.4.9 (ChangeLog, version.m4, Changes.rst) (tag: v2.4.9) [Gert Doering]

3 f7b318f8 2020-04-15 | Fix illegal client float (CVE-2020-11810) [Lev Stipakov]

9bb285e3 2020-03-13 | Fix broken async push with NCP is used [Lev Stipakov]
5f8a9df1 2020-02-12 | Allow unicode search string in --cryptoapicert option [Selva Nair]
4658b3b6 2020-02-12 | Skip expired certificates in Windows certificate store [Selva Nair]
df5ea7f1 2020-02-19 | Fix possible access of uninitialized pipe handles [Selva Nair]
1d9e0be2 2020-02-19 | Fix possibly uninitialized return value in GetOpenvpnSettings() [Selva Nair]
5ee76a8f 2020-03-28 | Fix OpenSSL 1.1.1 not using auto elliptic curve selection [Arne Schwabe]
ed925c0a 2020-04-07 | OpenSSL: Fix --crl-verify not loading multiple CRLs in one file [Maxim Plotnikov]
2fe84732 2020-03-30 | When auth-user-pass file has no password query the management interface (if available). [Selva Nair]
908eae5c 2020-04-03 | Move querying username/password from management interface to a function [Selva Nair]
15bc476f 2020-04-02 | Fix OpenSSL error stack handling of tls_ctx_add_extra_certs [Arne Schwabe]
22df79bb 2020-04-01 | Fetch OpenSSL versions via source/old links [Arne Schwabe]
0efbd8e9 2020-03-31 | mbedTLS: Make sure TLS session survives move [Tom van Leeuwen]
33395693 2020-03-25 | docs: Add reference to X509_LOOKUP_hash_dir(3) [WGH]
7d19b2bb 2019-10-21 | Fix OpenSSL private key passphrase notices [Santtu Lakkala]

2 8484f37a 2020-03-14 | Fix building with --enable-async-push in FreeBSD [Lev Stipakov]

69bbfbdf 2020-02-18 | Swap the order of checks for validating interactive service user [Selva Nair]
0ba4f916 2019-11-09 | socks: use the right function when printing struct openvpn_sockaddr [Antonio Quartulli]

1 3bd91cd0 2019-10-30 | Fix broken fragmentation logic when using NCP [Lev Stipakov]

PR: 244286 [1]

Approved by: ports-secteam (joneum@)