[ubuntu/oracular-security] openvpn 2.6.12-1ubuntu1.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Apr 3 11:33:35 UTC 2025
openvpn (2.6.12-1ubuntu1.2) oracular-security; urgency=medium
* SECURITY UPDATE: denial of service issue
- debian/patches/CVE-2025-2704.patch: allow tls-crypt-v2 to be setup
only on initial packet of a session in src/openvpn/ssl.c,
src/openvpn/ssl_common.h, src/openvpn/ssl_pkt.c,
src/openvpn/ssl_pkt.h, src/openvpn/tls_crypt.c,
src/openvpn/tls_crypt.h, tests/unit_tests/openvpn/test_tls_crypt.c.
- CVE-2025-2704
Date: 2025-04-02 13:58:23.123939+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/openvpn/2.6.12-1ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list