{"update": {"autokarma": true, "autotime": true, "stable_karma": 2, "stable_days": 14, "unstable_karma": -1, "require_bugs": false, "require_testcases": false, "display_name": "", "notes": "Security update - OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. (CVE-2020-15078)\n", "type": "security", "status": "stable", "request": null, "severity": "urgent", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2021-04-21 14:11:13", "date_modified": "2021-04-23 19:08:20", "date_approved": null, "date_testing": "2021-04-21 22:05:01", "date_stable": "2021-05-06 01:09:23", "alias": "FEDORA-EPEL-2021-0754fdd085", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2021-05-06 01:09:23", "meets_testing_requirements": true, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-EPEL-2021-0754fdd085", "title": "openvpn-2.4.11-1.el8", "version_hash": "291d3b0e12c63482f45fa6a42099e0c81151c8df", "release": {"name": "EPEL-8", "long_name": "Fedora EPEL 8", "version": "8", "id_prefix": "FEDORA-EPEL", "branch": "epel8", "dist_tag": "epel8", "stable_tag": "epel8", "testing_tag": "epel8-testing", "candidate_tag": "epel8-testing-candidate", "pending_signing_tag": "epel8-signing-pending", "pending_testing_tag": "epel8-testing-pending", "pending_stable_tag": "epel8-pending", "override_tag": "epel8-override", "mail_template": "fedora_epel_legacy_errata_template", "state": "current", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "unspecified", "testing_repository": null, "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "dsommers", "email": "dazo@eurephia.org", "id": 446, "avatar": "https://seccdn.libravatar.org/avatar/3261354ae2f56e3e735b0a15b987268d73f39e052ffd2fa431f74918d9d307dd?s=24&d=retro", "openid": "dsommers.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "openvpn"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by dsommers. ", "timestamp": "2021-04-21 14:11:13", "update_id": 300590, "user_id": 91, "id": 1994752, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-04-21 14:11:14", "update_id": 300590, "user_id": 91, "id": 1994753, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2021-04-21 14:11:14", "update_id": 300590, "user_id": 91, "id": 1994754, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2021-04-21 14:56:41", "update_id": 300590, "user_id": 91, "id": 1994841, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2021-04-21 22:05:09", "update_id": 300590, "user_id": 91, "id": 1995673, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "dsommers edited this update.", "timestamp": "2021-04-23 19:08:20", "update_id": 300590, "user_id": 91, "id": 1997847, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "I updated one server, and the VPN is still working properly.\n\nNot sure about the bug fix, as I don't know how to test that; I don't know if there's a POC or a assessment test script somewhere.", "timestamp": "2021-04-30 12:57:19", "update_id": 300590, "user_id": 1834, "id": 2007813, "bug_feedback": [{"karma": 0, "comment_id": 2007813, "bug_id": 1952936, "bug": {"bug_id": 1952936, "title": "CVE-2020-15078 openvpn: Authentication bypass with deferred authentication [epel-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "jstevens", "email": "john_o.stevens@yahoo.com", "id": 1834, "avatar": "https://seccdn.libravatar.org/avatar/9616c5ddb8c0a5b4bfbb88505443b18235f920ef5bb1feeac8651c76a3fddc4c?s=24&d=retro", "openid": "jstevens.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2021-05-05 22:06:52", "update_id": 300590, "user_id": 91, "id": 2016573, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2021-05-05 22:06:53", "update_id": 300590, "user_id": 91, "id": 2016574, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2021-05-06 01:09:34", "update_id": 300590, "user_id": 91, "id": 2016982, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "openvpn-2.4.11-1.el8", "signed": true, "release_id": 34, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1952936, "title": "CVE-2020-15078 openvpn: Authentication bypass with deferred authentication [epel-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1997864, "bug_id": 1952936, "comment": {"karma": 1, "karma_critpath": 0, "text": "tested it on CentOS 7 VPN server, works fine!", "timestamp": "2021-04-23 19:42:10", "update_id": 300592, "user_id": 423, "id": 1997864, "testcase_feedback": [], "user": {"name": "fkooman", "email": "fkooman@tuxed.net", "id": 423, "avatar": "https://seccdn.libravatar.org/avatar/8af1ab16d532458205b5334907cdfc0ce6483ddf6f514514133cb07cee400ed9?s=24&d=retro", "openid": "fkooman.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2002325, "bug_id": 1952936, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine on several servers", "timestamp": "2021-04-27 00:26:58", "update_id": 300592, "user_id": 186, "id": 2002325, "testcase_feedback": [], "user": {"name": "wolfy", "email": "manuel.wolfshant@gmail.com", "id": 186, "avatar": "https://seccdn.libravatar.org/avatar/492065be841df6f5b5f371d89c011e006ed4abbe99440bbc67d1d4f74b439081?s=24&d=retro", "openid": "wolfy.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}]}}}, {"karma": 0, "comment_id": 2007813, "bug_id": 1952936, "comment": {"karma": 1, "karma_critpath": 0, "text": "I updated one server, and the VPN is still working properly.\n\nNot sure about the bug fix, as I don't know how to test that; I don't know if there's a POC or a assessment test script somewhere.", "timestamp": "2021-04-30 12:57:19", "update_id": 300590, "user_id": 1834, "id": 2007813, "testcase_feedback": [], "user": {"name": "jstevens", "email": "john_o.stevens@yahoo.com", "id": 1834, "avatar": "https://seccdn.libravatar.org/avatar/9616c5ddb8c0a5b4bfbb88505443b18235f920ef5bb1feeac8651c76a3fddc4c?s=24&d=retro", "openid": "jstevens.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}]}}}]}], "updateid": "FEDORA-EPEL-2021-0754fdd085", "karma": 1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}