openvpn - Debian Package Tracker

general

source: openvpn (main)
version: 2.7.0~rc5-1
maintainer: Bernhard Schmidt (DMD) (LowNMU)
uploaders: Jörg Frings-Fürst [DMD]
arch: any
std-ver: 4.6.0.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.5.1-3
o-o-sec: 2.5.1-3+deb11u2
oldstable: 2.6.3-1+deb12u3
old-sec: 2.6.3-1+deb12u4
stable: 2.6.14-1
stable-sec: 2.6.14-1+deb13u1
testing: 2.7.0~rc5-1
unstable: 2.7.0~rc5-1

versioned links

2.5.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.5.1-3+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.3-1+deb12u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.3-1+deb12u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.14-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.6.14-1+deb13u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.0~rc5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

openvpn (20 bugs: 0, 18, 2, 0)

action needed

lintian reports 1 error and 1 warning high

Lintian reports 1 error and 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2025-10-27 Last update: 2025-12-20 04:00

3 security issues in buster high

There are 3 open security issues in buster.

2 important issues:

CVE-2024-5594:
CVE-2024-28882:

1 issue postponed or untriaged:

CVE-2022-0547: (needs triaging) OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.

Created: 2024-06-24 Last update: 2024-06-29 19:18

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2026-01-01 Last update: 2026-01-28 21:33

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 2.7.0~rc5-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 6c7e1bdf01a450287459bd0a8bdbe1f84e6a9417
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Wed Jan 28 08:09:44 2026 +0100

    Update changelog

commit 3e4caf8a03c4780716c5848b8921cc9a806d5758
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Wed Jan 28 08:07:24 2026 +0100

    Add new server-setup-with-ca-dco test, skippable for now since not all the kernels supports this new way of opening an openvpn tunnel

commit fcbb696eee622617dfb42b1589020f649b793d31
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Wed Jan 28 08:05:47 2026 +0100

    Run tests in isolation-container not in isolation-machine

commit 746ef198159a38ca1a3d06b20047a7a1e096b44c
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Wed Jan 28 08:05:12 2026 +0100

    Fixup test, some logs were removed in new openvpn version

commit 42cc2861143cb6819458005170ee1396f2cf2a82
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Wed Jan 28 08:04:40 2026 +0100

    Add dump of log file in case of failures to better check what output didn't match

commit a1c3b9a01d14991f75c5859b3cd5b61e5700f170
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Wed Jan 28 08:03:53 2026 +0100

    Add new allow-deprecated-insecure-static-crypto flag to server-setup-with-static-key to allow the test run in deprecated mode

commit 3d13cae8068279b79855eb6f99b63bcf95279bcc
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Wed Jan 28 08:02:51 2026 +0100

    Relax regex for TUN/TAP and check after the loop which device was opened

commit b597b552a466ed38daadb891d561e8cb8f8aa880
Author: Gianfranco Costamagna <locutusofborg@debian.org>
Date:   Wed Jan 28 08:01:50 2026 +0100

    Fix test server-setup-with-ca, by making sure new DCO mode is not used (fails grep command otherwise)

Created: 2026-01-28 Last update: 2026-01-28 09:32

debian/patches: 2 patches to forward upstream low

Among the 3 debian patches available in version 2.7.0~rc5-1 of the package, we noticed the following issues:

2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2026-01-16 22:48

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.3 instead of 4.6.0.1).

Created: 2022-05-11 Last update: 2026-01-16 19:02

news

[rss feed]

[2026-01-18] openvpn 2.7.0~rc5-1 MIGRATED to testing (Debian testing watch)
[2026-01-16] Accepted openvpn 2.7.0~rc5-1 (source) into unstable (Bernhard Schmidt)
[2025-12-22] openvpn 2.7.0~rc4-1 MIGRATED to testing (Debian testing watch)
[2025-12-19] Accepted openvpn 2.7.0~rc4-1 (source) into unstable (Bernhard Schmidt)
[2025-12-05] Accepted openvpn 2.6.3-1+deb12u4 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Bernhard Schmidt)
[2025-12-05] Accepted openvpn 2.6.14-1+deb13u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Bernhard Schmidt)
[2025-12-03] Accepted openvpn 2.6.3-1+deb12u4 (source) into oldstable-security (Debian FTP Masters) (signed by: Bernhard Schmidt)
[2025-12-03] Accepted openvpn 2.6.14-1+deb13u1 (source) into stable-security (Debian FTP Masters) (signed by: Bernhard Schmidt)
[2025-12-03] openvpn 2.7.0~rc3-1 MIGRATED to testing (Debian testing watch)
[2025-12-01] Accepted openvpn 2.7.0~rc3-1 (source) into unstable (Bernhard Schmidt)
[2025-11-23] openvpn 2.7.0~rc2-2 MIGRATED to testing (Debian testing watch)
[2025-11-20] Accepted openvpn 2.7.0~rc2-2 (source) into unstable (Bernhard Schmidt)
[2025-11-19] Accepted openvpn 2.7.0~rc2-1 (source) into experimental (Bernhard Schmidt)
[2025-11-02] Accepted openvpn 2.7.0~rc1-1 (source) into experimental (Bernhard Schmidt)
[2025-10-30] openvpn 2.6.15-1 MIGRATED to testing (Debian testing watch)
[2025-10-26] Accepted openvpn 2.6.15-1 (source) into unstable (Bernhard Schmidt)
[2025-10-14] Accepted openvpn 2.7.0~beta3-1 (source) into experimental (Bernhard Schmidt)
[2025-09-25] Accepted openvpn 2.7.0~beta2-1 (source) into experimental (Bernhard Schmidt)
[2025-09-10] openvpn 2.6.14-2 MIGRATED to testing (Debian testing watch)
[2025-09-05] Accepted openvpn 2.7.0~beta1-1 (source) into experimental (Bernhard Schmidt)
[2025-09-05] Accepted openvpn 2.6.14-2 (source) into unstable (Bernhard Schmidt)
[2025-09-01] Accepted openvpn 2.5.1-3+deb11u2 (source) into oldoldstable-security (Carlos Henrique Lima Melara)
[2025-08-04] Accepted openvpn 2.7.0~alpha3-1 (source) into experimental (Bernhard Schmidt)
[2025-06-20] Accepted openvpn 2.7.0~alpha2-1 (source) into experimental (Bernhard Schmidt)
[2025-05-30] Accepted openvpn 2.7.0~alpha1-1 (source) into experimental (Bernhard Schmidt)
[2025-05-09] Accepted openvpn 2.6.3-1+deb12u3 (source) into proposed-updates (Debian FTP Masters) (signed by: Bernhard Schmidt)
[2025-04-06] openvpn 2.6.14-1 MIGRATED to testing (Debian testing watch)
[2025-04-02] Accepted openvpn 2.6.14-1 (source) into unstable (Bernhard Schmidt)
[2025-03-08] Accepted openvpn 2.5.1-3+deb11u1 (source) into oldstable-security (Aquila Macedo Costa) (signed by: Sylvain Beucler)
[2025-02-16] openvpn 2.6.13-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 22
RC: 0
I&N: 20
M&W: 2
F&P: 0
patch: 1

links

homepage
lintian (1, 1)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (100, -)
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.7.0~rc5-1ubuntu5
25 bugs
patches for 2.7.0~rc5-1ubuntu5