Changes between Version 2 and Version 3 of CVE-2021-3606


Ignore:
Timestamp:
07/01/21 14:26:37 (11 months ago)
Author:
David Sommerseth
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • CVE-2021-3606

    v2 v3  
    44
    55This issue affects only OpenVPN 2.5.2 and prior releases only on Windows, as this related to how the OpenSSL library is built.  This is not an issue in the OpenVPN code itself, but due to a feature available by default in the OpenSSL library.  From OpenVPN 2.5.3, this feature is being disabled at compile-time of the OpenSSL library which results in no external OpenSSL configuration files being loaded from specific folders on the local system.
     6
     7This issue was reported by Xavier Danest.