I want to use openvpn with expressvpn I follow this guide for Fedora: https://www.expressvpn.com/support/vpn-setup/manual-config-for-linux-with-openvpn/#install and at this step: "To configure DNS, enter the following: $ sudo cp /usr/share/doc/openvpn/contrib/pull-resolv-conf/client.{up,down} /etc/openvpn/ " i don't have the folder /usr/share/doc/openvpn/contrib at all It is possible to add this folder in the rpm package ? (it is present in source tarball) I added manually the files and i applied this Feodra guide with success Thanks
Status: NEW => ASSIGNEDCC: (none) => bruno
Fixed for cauldron in 2.5.7-2 just pushed. This will be available then in future relases as well.
Same update pushed to updates_testing for mga8 as well. Assigning to QA team, but unsure as it's not a security issue. Feel ree to reassign and push to real updates.
Assignee: bruno.cornec => qa-bugs
Thanks a lot Bruno
Is it openvpn-2.5.0-2.3.mga8 we have to look for???? I don't find a 2.5.7-2.
CC: (none) => herman.viaene
MGA8-64 Plasma on Acer Aspire 5253 No installation issues Relying on Brian's previous test in bug 29007 and 26558, I run the same commands with ample similar results. One difference: # openvpn --genkey --secret key 2022-07-06 11:47:43 WARNING: Using --genkey --secret filename is DEPRECATED. Use --genkey secret filename instead. but # openvpn --test-crypto secret key apparently did the trick since # openvpn --test-crypto --secret key | more 2022-07-06 11:49:27 Cipher negotiation is disabled since neither P2MP client nor server mode is enabled 2022-07-06 11:49:27 OpenVPN 2.5.0 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Ju l 5 2022 2022-07-06 11:49:27 library versions: OpenSSL 1.1.1p 21 Jun 2022, LZO 2.10 2022-07-06 11:49:27 OpenVPN 2.5.0 x86_64-mageia-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Ju l 5 2022 2022-07-06 11:49:27 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVP N 2.6. 2022-07-06 11:49:27 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVP N 2.6. 2022-07-06 11:49:27 WARNING: INSECURE cipher (BF-CBC) with block size less than 128 bit (64 bit). This allows attacks like SWEET32. Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC). Support for these insecure ciphers will be removed in OpenVP N 2.6. 2022-07-06 11:49:27 Entering OpenVPN crypto self-test mode. 2022-07-06 11:49:27 TESTING ENCRYPT/DECRYPT of packet length=1 2022-07-06 11:49:27 TESTING ENCRYPT/DECRYPT of packet length=2 and loads more ........... with at the end 2022-07-06 11:51:12 OpenVPN crypto self-test mode SUCCEEDED. So OK'ing based on Brian's superior knowledge of the subject, compared to mine.
Whiteboard: (none) => MGA8-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGAA-2022-0097.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED