Changes between Version 2 and Version 3 of CVE-2021-3606
- Timestamp:
- 07/01/21 14:26:37 (3 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
CVE-2021-3606
v2 v3 4 4 5 5 This issue affects only OpenVPN 2.5.2 and prior releases only on Windows, as this related to how the OpenSSL library is built. This is not an issue in the OpenVPN code itself, but due to a feature available by default in the OpenSSL library. From OpenVPN 2.5.3, this feature is being disabled at compile-time of the OpenSSL library which results in no external OpenSSL configuration files being loaded from specific folders on the local system. 6 7 This issue was reported by Xavier Danest.