[OpenVPN-NL] Pre-notification: upcoming release
Steffan Karger
steffan.karger at fox-it.com
Mon Dec 1 09:12:58 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
A denial of service security vulnerability affecting OpenVPN-NL
servers was recently brought to our attention. The vulnerability
enables authenticated clients to stop openvpn server instances. The
vulnerability affects server availability only. Confidentiality and
authenticity of traffic are *not* affected.
A fixed version of OpenVPN-NL will be released today (1st Dec 2014) at
around 18:00 UTC (20:00 CET). Upstream (regular OpenVPN) will also
release a fixed version around the same time. More details will be
released to the public once the fixed versions are available.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJUfCMFAAoJEEEwndWOY1w5yQAH/3o7+r1qd7CWpiP4ibizGqBd
53RST7V8Y6B0ivieFKVeGIdYLp3GqVTXmFStVSmSsY3kBPMxMfDmLlwkRaCTK+OH
Oft9r4VLCwSUvPLMW/bppxiDXb96sltUe87fl6hHhkHWSUYJy/yh4C/bEEModCv9
BvsYqVT/tCeREb0DJKyFLNJ8jEK2AfmAd3ccNBV41M30JJs2MQ01PtjoMdeCVMRZ
bXRjcomilTsVGmLYnfDhAqCc9g184aDphxE5qgFwrfVOJc38P7lhB2jZdfq0GgzS
rOKSfkNkoWg/ejMijja2n8RLGw/QSIEYqfXpUY4fqR5efXwgPTRKYf9/ijYMVqk=
=6QO5
-----END PGP SIGNATURE-----
More information about the list-openvpn-nl
mailing list