Package "openvpn"

Name:	openvpn
Description:	virtual private network daemon
Latest version:	2.6.5-0ubuntu1.1
Release:	mantic (23.10)
Level:	security
Repository:	main
Homepage:	https://openvpn.net/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "openvpn"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "openvpn" in Mantic

Repository	Area	Version
base	main	2.6.5-0ubuntu1
updates	main	2.6.5-0ubuntu1.1

Changelog

Version: 2.6.5-0ubuntu1.1 2023-11-16 14:09:05 UTC

openvpn (2.6.5-0ubuntu1.1) mantic-security; urgency=medium * SECURITY UPDATE: divide-by-zero via --fragment option - debian/patches/CVE-2023-46849.patch: remove saving initial frame code in src/openvpn/forward.c, src/openvpn/init.c, src/openvpn/openvpn.h. - CVE-2023-46849 * SECURITY UPDATE: memory disclosure or code exec via use-after-free - debian/patches/CVE-2023-46850.patch: fix using to_link buffer after freed in src/openvpn/ssl.c. - CVE-2023-46850 -- Marc Deslauriers <email address hidden> Wed, 15 Nov 2023 13:12:32 -0500

CVE-2023-46849	Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour w
CVE-2023-46850	Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buff

About - Send Feedback to @ubuntu_updates

Package "openvpn"

Links

Download "openvpn"

Other versions of "openvpn" in Mantic

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates