OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.4.4-2ubuntu1.5", "binary_name": "openvpn" }, { "binary_version": "2.4.4-2ubuntu1.5", "binary_name": "openvpn-dbgsym" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.4.7-1ubuntu2.20.04.2", "binary_name": "openvpn" }, { "binary_version": "2.4.7-1ubuntu2.20.04.2", "binary_name": "openvpn-dbgsym" } ] }