openfortivpn-1.21.0-1.1 RPM for s390x

From OpenSuSE Ports Tumbleweed for s390x

openfortivpn is a client for PPP+SSL VPN tunnel services. It spawns a pppd
process and operates the communication between the gateway and this process.

It is compatible with Fortinet VPNs.

Provides

• openfortivpn
• config(openfortivpn)
• openfortivpn(s390-64)

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• config(openfortivpn) = 1.21.0-1.1
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.15)(64bit)
• libc.so.6(GLIBC_2.2)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.2)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.32)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.38)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libc.so.6(GLIBC_2.8)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libssl.so.3()(64bit)
• libssl.so.3(OPENSSL_3.0.0)(64bit)
• libsystemd.so.0()(64bit)
• libsystemd.so.0(LIBSYSTEMD_209)(64bit)
• ppp
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

GPL-3.0-or-later

Changelog

* Thu Dec 14 2023 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.21.0
    * fix "Peer refused to agree to his IP address" message, again.
    * deprecate option --plugin.
    * better masking of password in logs.
* Sun Aug 27 2023 Martin Hauke <mardnh@gmx.de>
  - Compile with support for systemd (sd_notify)
* Mon Jul 03 2023 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.20.5
    * revert previous fix from 1.20.4, make it optional.
  - Update to version 1.20.4
    * fix "Peer refused to agree to his IP address" message.
  - Update to version 1.20.3
    * minor change in a warning message.
    * documentation improvement.
    * minor changes in build and test files.
  - Update to version 1.20.2
    * fix regression: do attempt to apply duplicate routes, log
      INFO instead of WARN.
    * minor changes in log messages.
  - Update patch:
    * harden_openfortivpn@.service.patch
* Mon Feb 27 2023 Martin Hauke <mardnh@gmx.de>
  - Update to versoin 1.20.1
    * Bugfix release.
  - Update to versoin 1.20.0
    * Discard invalid empty HDLC frame at end of buffer.
    * Prepend "SVPNCOOKIE=" to the given cookie if missing.
* Wed Oct 12 2022 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.19.0
    * fix "Peer refused to agree to our IP address" message
    * avoid setting duplicate routes
    * remove obsolete code that reads non-XML config from FortiOS
    * improve warning message when reading options from config file
  - Update to version 1.18.0
    * add new options to delegate the authentication to external
      programs
    * minor fixes in documentation
* Sat May 07 2022 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.17.3
    * fix regression: spurious warning message after reading config
* Thu Mar 31 2022 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.17.2
    * fix memory leak when reading user input
    * improve calls to getsockopt() and associated debug output
    * allow reading config from process substitution
    * work around CodeQL false positives, improving code at the same
      time
    * change type of systemd.service from simple to notify
* Wed Oct 13 2021 Johannes Segitz <jsegitz@suse.com>
  - Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
    * harden_openfortivpn@.service.patch
* Thu Sep 09 2021 Martin Hauke <mardnh@gmx.de>
  - Updat eto version 1.17.1
    * fix regression: enable OpenSSL engines by default
    * fix typos found by codespell
    * fix LGTM alerts
* Fri Jul 16 2021 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.17.0
    * make OpenSSL engines optional
    * document and favor --pinentry over plain text password in
      configuration file
    * fix buffer overflow and other errors in URI espcaping for
    - -pinentry
    * use different --pinentry hints for different hosts, usernames
      and realms
    * fix memory management errors related to --user-agent option
* Sun Feb 14 2021 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.16.0
    * support for user key pass phrase
    * add a space at the end of the OTP prompt
    * modify memory allocation in the tunnel configuration structure
    * openfortivpn returns the PPP exit status
    * print SSL socket options in log
* Wed Sep 09 2020 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.15.0
    * fix issue sending pin codes
    * add command line option to bind to specific interface
    * use different hints for OTP and 2FA
    * remove password from /proc/#/cmd
    * extend OTP to allow FTM push
    * add preliminary support for host checks
    * don't accept route to the vpn gateway
    * fix byte counter in pppd_write
* Sat May 23 2020 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.14.1
    * fix out of bounds array access
* Tue May 12 2020 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.14.0
    * add git commit id in debug output
    * do not use interface ip for routing on linux
    * avoid extra hop on interface for default route
    * clean up, updates and improvments in the build system
    * increase the inbound HTTP buffer capacity when needed
    * print domain search list to output
    * add systemd service file
    * add systemd notification when stopping
    * allow logging with both smartcard and username
    * fix GCC 9 and clang warnings
    * bump default minimal TLS version from TLSv1.0 to TLSv1.2
    * fix a couple coverity warnings
  - Package systemd service file
* Wed Apr 01 2020 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.13.3
    * fix a coverity warning
    * cross-compile: do not check resolvconf on the host system
* Wed Mar 25 2020 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.13.2
    * properly build on FreeBSD, even if ppp is not installed at
      configure time
    * build in the absence of resolvconf
* Tue Mar 24 2020 Martin Hauke <mardnh@gmx.de>
  - Update to versin 1.13.0
    * avoid unsupported versions of resolvconf
    * add configure and command line option for resolvconf
    * increase BUFSIZ
    * reinitialize static variables with the --persistent option
    * fix a memory leak in ipv4_add_nameservers_to_resolv_conf
* Thu Feb 27 2020 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.12.0
    * fix CVE-2020-7043: TLS Certificate CommonName NULL Byte
      Vulnerability
    * fix CVE-2020-7042: use of uninitialized memory in
      X509_check_host
    * fix CVE-2020-7041: incorrect use of X509_check_host
      (regarding return value).
    * always hide cleartest password in -vv output
    * add a clear warning about sensitive information in the debug
      output
    * add a hint in debug output when password is read from config
      file
    * fix segfault when connecting with empty password
    * use resolvconf if available to update resolv.conf file
    * replace semicolon by space in dns-suffix string

Files

/etc/openfortivpn
/etc/openfortivpn/config
/usr/bin/openfortivpn
/usr/lib/systemd/system/openfortivpn@.service
/usr/share/doc/packages/openfortivpn
/usr/share/doc/packages/openfortivpn/README.md
/usr/share/licenses/openfortivpn
/usr/share/licenses/openfortivpn/LICENSE
/usr/share/licenses/openfortivpn/LICENSE.OpenSSL
/usr/share/man/man1/openfortivpn.1.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 12:50:11 2024