[OpenVPN-NL] OpenVPN-NL v2.3.5-nl2 released
Steffan Karger
steffan.karger at fox-it.com
Mon Dec 1 19:28:27 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
A new version of OpenVPN-NL (2.3.5-nl2) is available on the OpenVPN-NL
site [1]. This version is based on OpenVPN 2.3.5 [2], and PolarSSL
1.2.12 [3].
This new version of OpenVPN-NL fixes a denial-of-service vulnerability
[4]. The vulnerability enables authenticated clients to stop openvpn
server instances, potentially causing availability issues.
Confidentiality and authenticity of traffic are *not* affected.
OpenVPN-NL server administrators are recommended to upgrade their
server instances to 2.3.5-nl2 as soon as possible. OpenVPN-NL client
instances are not directly affected, and can be updated according to
your regular update schedule.
References
- ----------
[1] https://openvpn.fox-it.com/
[2] https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23
[3] https://polarssl.org/tech-updates/releases/polarssl-1.2.12-released
[4]
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJUfLNHAAoJEEEwndWOY1w5SogH/RQv29CDaBylVJYwaL27UfGh
baThd6/li1Nm2J4zIXeMfPUL8QJN1HYl3XWbtcyB991pjkaMV4kxvvckj5rJVxHx
uYQO4biytbvAKAJVtcaQKfN4LWMNZCDmNKuDahRXIlgdb1Ogpq7D95XziGjTN3m6
61VrxekUKeGQq5YDN8za+Jx8KnxxDqOmyDFuxTXNdOkPE0ZpBfdZ5/7VPxIQTOTD
qI6je0gH8lXSS6E+Vvm4VglbxcG/0Ak5hD0Ynhtm5hh7c8FHEpLOWZcs39Yp54lg
aKdrFxOArley6edFgLSuDkHFH3W8uV/CVaIerflBYRfkoGYN7SsEl15CDCaiHNc=
=sTCd
-----END PGP SIGNATURE-----
More information about the list-openvpn-nl
mailing list