Bugs fixes in "openvpn"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2024-27903 | OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in | 2024-10-10 |
| CVE | CVE-2024-24974 | The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to inter | 2024-10-10 |
| CVE | CVE-2024-27459 | The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary | 2024-10-10 |
| Launchpad | 2073318 | Backport of openvpn for jammy and noble | 2024-10-10 |
| CVE | CVE-2024-27903 | OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in | 2024-10-10 |
| CVE | CVE-2024-24974 | The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to inter | 2024-10-10 |
| CVE | CVE-2024-27459 | The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary | 2024-10-10 |
| CVE | CVE-2024-28882 | OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a | 2024-10-10 |
| Launchpad | 2073318 | Backport of openvpn for jammy and noble | 2024-10-10 |
| CVE | CVE-2024-27903 | OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in | 2024-10-02 |
| CVE | CVE-2024-24974 | The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to inter | 2024-10-02 |
| CVE | CVE-2024-27459 | The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary | 2024-10-02 |
| Launchpad | 2073318 | Backport of openvpn for jammy and noble | 2024-10-02 |
| CVE | CVE-2024-27903 | OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in | 2024-10-02 |
| CVE | CVE-2024-24974 | The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to inter | 2024-10-02 |
| CVE | CVE-2024-27459 | The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary | 2024-10-02 |
| CVE | CVE-2024-28882 | OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a | 2024-10-02 |
| Launchpad | 2073318 | Backport of openvpn for jammy and noble | 2024-10-02 |
| Launchpad | 2004676 | MRE Updates 2.5.8 / 2.4.11 | 2023-11-30 |
| CVE | CVE-2022-0547 | OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of def | 2023-11-21 |
About
-
Send Feedback to @ubuntu_updates
