CVE-2017-7522 log

Severity Medium
Remote Yes
Type Denial of service
A post-authentication remote DoS has been found in OpenVPN >= 2.4 and < 2.4.3, allowing a client to crash a server by sending a crafted certificate with an embedded NUL character.  The issue requires the OpenVPN server to be built against mbedtls and to use the --x509-track option.
Group Package Affected Fixed Severity Status Ticket
AVG-319 openvpn 2.4.2-1 2.4.3-1 Medium Not affected