CVE-2017-7522 - log back

CVE-2017-7522 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A post-authentication remote DoS has been found in OpenVPN >= 2.4 and < 2.4.3, allowing a client to crash a server by sending a crafted certificate with an embedded NUL character. The issue requires the OpenVPN server to be built against mbedtls and to use the --x509-track option.
References
+ https://github.com/OpenVPN/openvpn/commit/426392940c
Notes