Format: 1.8
Date: Mon, 27 Apr 2026 09:22:24 +0200
Source: openvpn
Architecture: source
Version: 2.6.14-1+deb13u2
Distribution: trixie-security
Urgency: medium
Maintainer: Bernhard Schmidt
Changed-By: Bernhard Schmidt
Changes:
 openvpn (2.6.14-1+deb13u2) trixie-security; urgency=medium
 .
   * Cherry-pick upstream security patches
     - CVE-2026-40215: fix race condition in TLS handshake that could lead to
       leaking of packet data from a previous handshake under specific
       circumstances
     - CVE-2026-35058: fix server ASSERT() on receiving a suitably malformed
       packet with a valid tls-crypt-v2 key