Changes between Version 8 and Version 9 of SecurityAnnouncement-97597e732b
- Timestamp:
- 12/02/14 03:50:47 (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
SecurityAnnouncement-97597e732b
v8 v9 19 19 == Has OpenVPN been successfully exploited? == 20 20 21 An OpenVPN server can be easily exploited (crashed) using this vulnerability by an authenticated client. However, we are not aware of this exploit being in the wild before we released a fixed version (2.3.6).21 An OpenVPN server can be easily exploited (crashed) using this vulnerability by an authenticated client. However, we are not aware of this exploit being used in the wild before we released a fixed version (2.3.6). 22 22 23 23 == How do I fix this? == 24 24 25 Simply install a patched version of OpenVPN. If you're using official releases then go for OpenVPN 2.3.6 or latest Git "master". If you're using OpenVPN from your operating system's software repositories then install an updated version from them.25 Simply install a patched version of OpenVPN. If you're using official releases then, go for OpenVPN 2.3.6 or latest Git "master". If you're using OpenVPN from your operating system's software repositories then install an updated version from them. 26 26 27 27 If you're maintaining packages based on OpenVPN 2.2 you can get a backported patch from the Git repository's release/2.2 branch.