* Security Vulnerability affecting OpenVPN 2.0 through 2.0.5.
An OpenVPN client connecting to a
malicious or compromised server could potentially receive
"setenv" configuration directives from the server which could
cause arbitrary code execution on the client via a LD_PRELOAD
attack.
Detailed information: http://openvpn.net/changelog.html
ok Thomas Delaet <thomas at delaet.org> (MAINTAINER)
- Format string vulnerability in the foreign_option function in options.c.
(CVE-2005-3393)
- Potential DoS vulnerability on the server in TCP mode. (CVE-2005-3409)
More info:
http://openvpn.net/changelog.html
"just do it" pvalchev@
* Fixed bug in route.c in FreeBSD, Darwin, OpenBSD and NetBSD
version of get_default_gateway. Allocated socket for route
manipulation is never freed so number of mbufs continuously
grow and exhaust system resources after a while (Jaroslav Klaus).
ok pvalchev@
OpenVPN is an easy-to-use, robust, and highly configurable VPN (Virtual
Private Network) daemon which can be used to securely link two or more
private networks using an encrypted tunnel over the internet.
WWW: http://openvpn.sourceforge.net/
from Jorge A. Cortes Montiel <jcortes at bsdcoders dot org>