OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.
{ "availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.3.2-7ubuntu3.2+esm2", "binary_name": "openvpn" }, { "binary_version": "2.3.2-7ubuntu3.2+esm2", "binary_name": "openvpn-dbgsym" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.3.10-1ubuntu2.2+esm2", "binary_name": "openvpn" }, { "binary_version": "2.3.10-1ubuntu2.2+esm2", "binary_name": "openvpn-dbgsym" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.4.4-2ubuntu1.7+esm1", "binary_name": "openvpn" }, { "binary_version": "2.4.4-2ubuntu1.7+esm1", "binary_name": "openvpn-dbgsym" } ] }