[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 98-1] openvpn security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : openvpn
Version        : 2.1.3-2+squeeze3
CVE ID         : CVE-2014-8104

Dragana Damjanovic discovered that an authenticated client could crash
an OpenVPN server by sending a control packet containing less than
four bytes as payload.

For the oldstable distribution (squeeze), this problem has been fixed in
version 2.1.3-2+squeeze3 in squeeze-lts.

We recommend that you upgrade your openvpn packages.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUfjCcAAoJEKGwm0IzOWHoJkYP/RTyFiDBUWsPlfYIzdWsBiBy
VzQaLE80YbYhu4U4HdaBh2hgE0itPRkPRgCetWcbSCxrN6IcDUGKDW+Ij7y7YHrz
M4YtfyBzQsWaxuwhC+plgbmvfwLZxaT0bC8QobIqnY30HhH+GujfREIKuEakOxEV
vo+zN/cdzJmt+WegDpGGz57wJsL/ugooQkoZN9vDZf03l/4Ra9MQvia53YEDHDYd
BkLQjSwEa0560Vg5DCHnLugnZS5fhqs8xvX4Uu35ugvjMDQ9qcxUZ1YFtPWj05hK
ssmVOjl1yzdYW21zU/DE+9heEi8LPwEiXY+wNejJb94hnGiOZRkmYndEnqcGO/Bf
F/QymMwW6mE5V8ukHYj6wmYZCv84jTc0CaiK93+qijuBFUv4OIB0WswjJBjtmcTV
9hlZU4RhUHXWbo3cTLkW3Wb/Tdo17YzCi+ThzdqvB/V1/l+ZIM9xdsKd/twBZwHl
NzOuI8VQCJdl2AcIe36MHQkExPxfHiIJuFcTO8Qr9uiC2ObqSFIs7HJjvZUsPRyR
CuqjLdAttEKjadBeJeb06YtXf1T5XL9BrKmuLLwcOb58Nbst6VmibeYQTv4gBd6q
uVjzqT1j3yXAptGt4xql62SGjApp4Rf7BFc9IaZEUjny8+KKr/tGSVRxlk9hS8CG
BUKG1JZwbXUs8qBUaT1C
=MHS7
-----END PGP SIGNATURE-----


Reply to: