Package: openconnect / 7.08-1+deb9u1

Metadata

Package Version Patches format
openconnect 7.08-1+deb9u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
fix tests shell syntax.patch | (download)

tests/auth-pkcs11 | 2 1 + 1 - 0 !
tests/common.sh | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 tests: avoid using eval with variable assignments
 .
 For shell portability, avoid using eval with variable assignments to set
 openconnect's environment. Shell implementations vary on whether
 variable assignments in front of eval are marked as environment
 variables or just treated as ordinary shell assignments.
 .
 Every call to $OPENCONNECT already has LD_PRELOAD=libsocket_wrapper.so
 in front of it, so the "eval LD_PRELOAD=libsocket_wrapper.so" was
 redundant anyway.
softhsm2 module workaround.patch | (download)

tests/.config/pkcs11/modules/softhsm2.module | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 hardcode the debian path to libsofthsm2.so
 A p11-kit module file is provided by the upstream test suite to ensure that
 the softhsm2 module is loaded. Unfortunately the filename is wrong on Debian,
 so this fixes the path. When #849158 is fixed, this workaround will no longer
 be necessary.
 .
 In the meantime, upstream has stopped shipping this config file, so the next
Close HTTPS connection on failure returns from proce.patch | (download)

http.c | 24 19 + 5 - 0 !
1 file changed, 19 insertions(+), 5 deletions(-)

 close https connection on failure returns from
 process_http_response()
Fix buffer overflow with chunked HTTP handling CVE 2.patch | (download)

http.c | 15 14 + 1 - 0 !
1 file changed, 14 insertions(+), 1 deletion(-)

 fix buffer overflow with chunked http handling (cve-2019-16239)