It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_version": "2.3.2-7ubuntu3.2+esm1", "binary_name": "openvpn" }, { "binary_version": "2.3.2-7ubuntu3.2+esm1", "binary_name": "openvpn-dbgsym" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_version": "2.3.10-1ubuntu2.2+esm1", "binary_name": "openvpn" }, { "binary_version": "2.3.10-1ubuntu2.2+esm1", "binary_name": "openvpn-dbgsym" } ] }