-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

A new version of OpenVPN-NL (2.3.5-nl2) is available on the OpenVPN-NL site [1]. This version is based on OpenVPN 2.3.5 [2], and PolarSSL 1.2.12 [3].

This new version of OpenVPN-NL fixes a denial-of-service vulnerability [4]. The vulnerability enables authenticated clients to stop openvpn server instances, potentially causing availability issues. Confidentiality and authenticity of traffic are *not* affected.

OpenVPN-NL server administrators are recommended to upgrade their server instances to 2.3.5-nl2 as soon as possible. OpenVPN-NL client instances are not directly affected, and can be updated according to your regular update schedule.

References - ----------

[1] https://openvpn.fox-it.com/ [2] https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23 [3] https://polarssl.org/tech-updates/releases/polarssl-1.2.12-released [4] https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b