AVG-319 log
| Package | openvpn |
| Status | Not affected |
| Severity | Medium |
| Type | denial of service |
| Affected | 2.4.2-1 |
| Fixed | 2.4.3-1 |
| Current | 2.6.16-1 [extra] |
| Ticket | None |
| Created | Thu Jun 22 12:12:46 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-7522 | Medium | Yes | Denial of service | A post-authentication remote DoS has been found in OpenVPN >= 2.4 and < 2.4.3, allowing a client to crash a server by sending a crafted certificate with an... |
| References |
|---|
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 https://guidovranken.wordpress.com/2017/06/21/the-openvpn-post-audit-bug-bonanza/ |
| Notes |
|---|
Not impacted by CVE-2017-7522 because we don't build openvpn against mbed. |