Fedora 27 : openvpn (2017-5882331351)

Maintenance release with several minor upstream bugfixes and a security fix related to legacy configurations deploying the deprecated key-method 1 configuration option CVE-2017-12166. From this update of, OpenVPN will use the lz4 compression library from Fedora instead of the upstream bundled...

Medium: openvpn

Issue Overview: OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. CVE-2017-12166 Affected Packages: openvpn Issue Correction: Run yum update openvpn or yum update --advisory...

OpenVPN 2.x < 2.3. 18/ 2.4.x < 2.4.4 Buffer Overflow Vulnerability w/ key-method 1

According to its self-reported version number, the version of OpenVPN installed on the remote host is affected by an error related to a weakness in the 'key-method 1' implementation which could allow buffer overflow attacks and result in unexpected code execution C Tenable Network Security, Inc...

Buffer overflow

OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution...