-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 21 Nov 2025 00:45:17 +0100
Source: openvpn
Binary: openvpn openvpn-dbgsym
Architecture: arm64
Version: 2.6.14-1+deb13u1
Distribution: trixie-security
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Bernhard Schmidt <berni@debian.org>
Description:
 openvpn    - virtual private network daemon
Closes: 1114249 1121086
Changes:
 openvpn (2.6.14-1+deb13u1) trixie-security; urgency=medium
 .
   * Cherry-pick patches for CVE-2025-13086
     - check-message-id.patch: Check message id/acked ids too when doing
       sessionid cookie checks - bugfix for floating client problem, code
       prequesite for the CVE patch to apply
     - CVE-2025-13086.patch: Fix memcmp check for the hmac verification in the
       3way handshake being inverted (Closes: #1121086)
   * fix-ftbfs-kernel-6.16.patch: Fix compilation against 6.16+ kernel
     headers (Closes: #1114249)
   * d/gbp.conf: set debian-branch for trixie
Checksums-Sha1:
 db967edc67b0c74239920e6a5a2f3be8506db0bf 1254568 openvpn-dbgsym_2.6.14-1+deb13u1_arm64.deb
 def5f8d5e3bcea948165e89369b9cecbb4e800f5 7092 openvpn_2.6.14-1+deb13u1_arm64-buildd.buildinfo
 7cef1d0e2463d178d0a5ef6d19e20499faf70342 627924 openvpn_2.6.14-1+deb13u1_arm64.deb
Checksums-Sha256:
 721950b4daec40de073fe4146f359cf2ad97cd4baf5b855a083c6ded8b787b2f 1254568 openvpn-dbgsym_2.6.14-1+deb13u1_arm64.deb
 23ad8c78ded57c6cff553cf55eee459831c59e03aa7eea8599e7b482908de60a 7092 openvpn_2.6.14-1+deb13u1_arm64-buildd.buildinfo
 62535c74de860d02519575eda26ff5de5ced8824689487c0b1cff004a2df9b8e 627924 openvpn_2.6.14-1+deb13u1_arm64.deb
Files:
 62e67a1cf2ae92779e915ba167676dbe 1254568 debug optional openvpn-dbgsym_2.6.14-1+deb13u1_arm64.deb
 398ef1d348301073781639b97d7c274b 7092 net optional openvpn_2.6.14-1+deb13u1_arm64-buildd.buildinfo
 8ec8c488a52f78f9f74de4cd4c7189b7 627924 net optional openvpn_2.6.14-1+deb13u1_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEVM4SKBZumztS8zr3lST9Us03ywsFAmksyDsACgkQlST9Us03
yws7eRAAiR3AjDA/77IR/x7Cv9iWyL2m4omMELxZ0c9SAHbn4FNlqSkGbte5N6aL
XbVhVhJpHuJeiFYO2e7mPGh6qzfYxOEfeqsHp45f83v/TDOoMI9fOwV+zt97TuR1
/E91XWJ697wNMV/YUbjSd6x6qPJWuSw95EYQTy09rFmF38Hn69UCwokjaV3tUo+V
ZkWeEYADKOn4e7bXzNB1yYiuG4RwUUuAKDGm99chuhv2cbpEc9VBBmn8IGK7FIG7
j/cCkDi3MAjHt7ztikISbsaushgfERlzRxBPXBMt0T1IzasoRJL3kvAelRztmhsy
GB8iWngk4IG9sNokBBp8pNeYZ3fyU6EQNBtYM8POmeYxR99x4kTW9U2NoctdX7Wa
8R9N8jmUoe5YECT990MxG0seXYpUIabFwhbLBxc15+HwuiEu8lrL4KbNG/uabe1w
hfzKhEjrY5vdPSjDU7mNYFE6sQ1wSUGlCPQJmF/QnOOdQCnhtY17H2YWCV7Mh/i7
3vtic1v+jN/6E3lE/O6S5p2bbSwm4ev86MlvBoBUxmJxjwMUf+tl7n/lrlMB589Z
82ddboLdmLGnZcHdZlUyTRyjy3E+18IpcGs4goZ/h5FtOGwoSF2J5is44caXLE4I
07l5JO8sfCF3L5LsAVdHh4CramF3rdMUq2f+RmjnBlSsjBYIUrg=
=NC09
-----END PGP SIGNATURE-----