This bug was fixed in the package openvpn - 2.4.4-2ubuntu1.5
---------------
openvpn (2.4.4-2ubuntu1.5) bionic-security; urgency=medium
* SECURITY UPDATE: data channel v2 packet injection
- debian/patches/CVE-2020-11810.patch: fix illegal client float in
src/openvpn/multi.c.
- CVE-2020-11810
* SECURITY UPDATE: Authentication bypass with deferred authentication
- debian/patches/CVE-2020-15078.patch: ensure key state is
authenticated before sending push reply in src/openvpn/push.c.
- CVE-2020-15078
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Tue, 27 Apr 2021
10:54:29 -0400
** Changed in: openvpn (Ubuntu Bionic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-11810
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-15078
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1868127
Title:
[SRU] OpenVPN will not reload due to misconfigured .service file
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/1868127/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
