Package "openvpn"

Name: openvpn


virtual private network daemon

Latest version: 2.4.4-2ubuntu1.6
Release: bionic (18.04)
Level: updates
Repository: main
Homepage: https://openvpn.net/


Download "openvpn"

Other versions of "openvpn" in Bionic

Repository Area Version
base main 2.4.4-2ubuntu1
security main 2.4.4-2ubuntu1.5


Version: 2.4.4-2ubuntu1.6 2021-08-04 15:06:20 UTC

  openvpn (2.4.4-2ubuntu1.6) bionic; urgency=medium

  * d/p/increase-listen-backlog-queue-to-32.patch: Increase listen backlog queue
    to 32 (LP: #1934781)

 -- Athos Ribeiro <email address hidden> Mon, 19 Jul 2021 19:53:26 -0300

Source diff to previous version
1934781 TCP socket backlog set too low (\

Version: 2.4.4-2ubuntu1.5 2021-05-04 13:06:20 UTC

  openvpn (2.4.4-2ubuntu1.5) bionic-security; urgency=medium

  * SECURITY UPDATE: data channel v2 packet injection
    - debian/patches/CVE-2020-11810.patch: fix illegal client float in
    - CVE-2020-11810
  * SECURITY UPDATE: Authentication bypass with deferred authentication
    - debian/patches/CVE-2020-15078.patch: ensure key state is
      authenticated before sending push reply in src/openvpn/push.c.
    - CVE-2020-15078

 -- Marc Deslauriers <email address hidden> Tue, 27 Apr 2021 10:54:29 -0400

Source diff to previous version
CVE-2020-11810 An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally
CVE-2020-15078 OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with defe

Version: 2.4.4-2ubuntu1.3 2019-06-17 10:06:18 UTC

  openvpn (2.4.4-2ubuntu1.3) bionic; urgency=medium

  * d/p/lp-1828771-CapabilityBoundingSet-for-auth_pam.patch: Add CAP_AUDIT_WRITE
    to upstreams set of .service files to avoid issues with callout scripts
    breaking due to sudo/pam being unable to audit the action (LP: #1828771)

 -- Christian Ehrhardt <email address hidden> Tue, 14 May 2019 10:25:51 +0200

Source diff to previous version
1828771 Add CAP_AUDIT_WRITE to non-upstream services

Version: 2.4.4-2ubuntu1.2 2019-06-03 10:08:01 UTC

  openvpn (2.4.4-2ubuntu1.2) bionic; urgency=medium

  * d/p/openvpn-fips-2.4.patch: Allow MD5 in FIPS mode (openssl) for PRF.
    (LP: #1807439)

 -- Joy Latten <email address hidden> Wed, 09 Jan 2019 15:50:03 -0600

Source diff to previous version
1807439 openvpn crashes when run with fips openssl

Version: 2.4.4-2ubuntu1.1 2018-09-13 09:06:46 UTC

  openvpn (2.4.4-2ubuntu1.1) bionic; urgency=medium

  * d/openvpn@.service: Add CAP_AUDIT_WRITE to avoid issues with callout
    scripts breaking due to sudo/pam being unable to audit the action.
    Fixed in upstream issue #918, suggested to Debian in #868806 (LP: #1787208)

 -- Christian Ehrhardt <email address hidden> Wed, 05 Sep 2018 14:43:16 +0200

1787208 Openvpn routing issue

About   -   Send Feedback to @ubuntu_updates