Introduction

A critical denial of service security vulnerability (CVE-2014-8104, not public yet) affecting OpenVPN servers was recently brought to our attention. A fixed version of OpenVPN (2.3.6) will be released 1st Dec 2014 at around 18:00 UTC.