[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2024-5594/openvpn: record regression and fixes on v2.6 and v2.5

Sat, 30 Aug 2025 00:17:41 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f2b0e2d6 by Carlos Henrique Lima Melara at 2025-08-29T22:50:26-03:00
CVE-2024-5594/openvpn: record regression and fixes on v2.6 and v2.5

- - - - -
d9606862 by Salvatore Bonaccorso at 2025-08-30T09:17:24+02:00
Merge branch 'add-more-info-CVE-2024-5594' into 'master'

CVE-2024-5594/openvpn: record regression and fixes on v2.6 and v2.5

See merge request security-tracker-team/security-tracker!241
- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -127095,6 +127095,10 @@ CVE-2024-5594 (OpenVPN before 2.6.11 does not 
santize PUSH_REPLY messages proper
        - openvpn 2.6.11-1 (bug #1074488)
        [bookworm] - openvpn 2.6.3-1+deb12u3
        NOTE: 
https://github.com/OpenVPN/openvpn/commit/90e7a858e5594d9a019ad2b4ac6154124986291a
 (v2.6.11)
+       NOTE: 
https://github.com/OpenVPN/openvpn/commit/d4921ba22f5ae4537d808986743a228617c86328
 (v2.5.11)
+       NOTE: Regression issue: https://github.com/OpenVPN/openvpn/issues/568
+       NOTE: Regression fix: 
https://github.com/OpenVPN/openvpn/commit/343573990135023d855d151fcd9248e5c26d9f8b
 (v2.6.12)
+       NOTE: Regression fix: 
https://github.com/OpenVPN/openvpn/commit/dddb87f126a6e87e61de830a9efe0bc257a71e2b
 (v2.5.11)
 CVE-2024-4877 (OpenVPN version 2.4.0 through 2.6.10 on Windows allows an 
external, le ...)
        - openvpn <not-affected> (Only affects Windows)
 CVE-2024-6269 (A vulnerability has been found in Ruijie RG-UAC 1.0 and 
classified as  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c875a222738a2d11d17594a42bfc3952f32e895a...d9606862735297ce9dc5d4082922222b4edc8d11

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c875a222738a2d11d17594a42bfc3952f32e895a...d9606862735297ce9dc5d4082922222b4edc8d11
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to