Hi, I applied the fix for CVE-2013-2061 [0] to Debian's stable version of openvpn (2.2.1) [1]. When the new package was sent to the mirrors I got a couple of reports of broken VPNs [2]. After some testing I think the problem arises with the use of "multihome" option. The server daemon starts to log lots of these: Jun 17 12:43:52 srv ovpn-srv[31073]: write UDPv4 []: Invalid argument (code=22) Jun 17 12:43:53 srv ovpn-srv[31073]: write UDPv4 []: Invalid argument (code=22)
If the "multihome" option is removed, the VPN comes back to live. Could a patch to fix this be made or should we go back to 2.2.1 without the patch to fix CVE-2013-2061? Thanks, Alberto [0] https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707329 [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712414 -- Alberto Gonzalez Iniesta | Formación, consultoría y soporte técnico agi@(inittab.org|debian.org)| en GNU/Linux y software libre Encrypted mail preferred | http://inittab.com Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
