SUSE-SU-2025:1131-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed incorrect handling of null bytes and invalid characters in control messages bsc1235147...

SUSE-SU-2025:1053-2 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147...

SUSE-SU-2025:1053-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed handling of null bytes and invalid characters in control messages bsc1235147...

DLA-4079-1 openvpn - security update

Bulletin has no description...

SUSE-SU-2025:0278-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2024-5594: Fixed wrong handling of null bytes and invalid characters in control messages bsc1235147...

MGASA-2024-0255 Updated openvpn packages fix security vulnerability

Control channel: refuse control channel messages with nonprintable characters in them. CVE-2024-5594...

SUSE-SU-2022:1934-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in bsc1197341. - By default the --suppress-timestamps flag is not needed bsc1123557...

DLA-2992-1 openvpn - security update

Bulletin has no description...

MGASA-2022-0123 Updated openvpn packages fix security vulnerability

Potential authentication by-pass with multiple deferred authentication plug-ins. CVE-2022-0547...

SUSE-SU-2022:1029-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in bsc1197341...

OPENSUSE-SU-2022:1029-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in bsc1197341...

SUSE-SU-2022:1024-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in bsc1197341...

MGASA-2021-0302 Updated openvpn packages fix a security vulnerability

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks CVE-2020-15078...

OPENSUSE-SU-2021:0734-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2020-15078: Fixed authentication bypass with deferred authentication bsc1185279. - CVE-2020-11810: Fixed race condition between allocating peer-id and initializing data channel key bsc1169925. - CVE-2018-7544: Fixed cross-protocol scriptin...

SUSE-SU-2020:2359-1 Security update for openvpn

This update for openvpn fixes the following issues: - openvpn-2.3.9-Fix-heap-overflow-on-getaddrinfo-result.patch was malformed in a way that caused patch1 to ignore it. bsc959714...

MGASA-2020-0195 Updated openvpn packages fix security vulnerability

Updated openvpn packages fix security vulnerability: An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters hav...

SUSE-SU-2017:2838-1 Security update for openvpn

This update for openvpn fixes the following security issues: - CVE-2017-12166: OpenVPN was vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. bsc1060877. - CVE-2016-6329: Now show which ciphers should no longer be used in openvpn...

SUSE-SU-2017:2839-1 Security update for openvpn

This update for openvpn fixes the following issues: - CVE-2017-12166: Lack of bound check in readkey in old legacy key handling before using values could be used for a remote buffer overflow bsc1060877...

MGASA-2017-0224 Updated openvpn packages fix security vulnerabilities

It was possible to trigger an assertion by sending a malformed IPv6 packet. That issue could have been abused to remotely shutdown an openvpn server or client, if IPv6 and --mssfix were enabled and if the IPv6 networks used inside the VPN were known CVE-2017-7508. Some parts of the...

SUSE-SU-2017:1642-1 Security update for openvpn

This update for openvpn fixes the following issues: - It was possible to trigger an assertion by sending a malformed IPv6 packet. That issue could have been abused to remotely shutdown an openvpn server or client, if IPv6 and --mssfix were enabled and if the IPv6 networks used inside the VPN were...