[ubuntu/noble-updates] openvpn 2.6.12-0ubuntu0.24.04.3 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Apr 3 14:02:12 UTC 2025
openvpn (2.6.12-0ubuntu0.24.04.3) noble-security; urgency=medium
* SECURITY UPDATE: denial of service issue
- debian/patches/CVE-2025-2704.patch: allow tls-crypt-v2 to be setup
only on initial packet of a session in src/openvpn/ssl.c,
src/openvpn/ssl_common.h, src/openvpn/ssl_pkt.c,
src/openvpn/ssl_pkt.h, src/openvpn/tls_crypt.c,
src/openvpn/tls_crypt.h, tests/unit_tests/openvpn/test_tls_crypt.c.
- CVE-2025-2704
Date: 2025-04-02 13:58:14.927170+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/openvpn/2.6.12-0ubuntu0.24.04.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list