DSA-5555-1

Source
https://security-tracker.debian.org/tracker/DSA-5555-1
Import Source
https://storage.googleapis.com/debian-osv/dsa-osv/DSA-5555-1.json
Related
Published
2023-11-15T00:00:00Z
Modified
2023-11-15T23:18:04.508196Z
Details

Two vulnerabilities were discovered in openvpn, a virtual private network application which could result in memory disclosure or denial of service.

The oldstable distribution (bullseye) is not affected.

For the stable distribution (bookworm), these problems have been fixed in version 2.6.3-1+deb12u2.

We recommend that you upgrade your openvpn packages.

For the detailed security status of openvpn please refer to its security tracker page at: \ https://security-tracker.debian.org/tracker/openvpn

References

Affected packages

Debian:12 / openvpn

Package

Name
openvpn

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.6.3-1+deb12u2

Affected versions

2.*

2.6.3-1
2.6.3-1+deb12u1~bpo11+1
2.6.3-1+deb12u1