Hi, On Mon, May 13, 2024 at 12:59:06PM +0000, Turritopsis Dohrnii Teo En Ming via Openvpn-users wrote: > Subject: Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints > Across the Globe > > Good day from Singapore, > > I have just read this article and I would like to share it with all of you > here. > > Article: Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints > Across the Globe > Link: https://cybersecuritynews.com/openvpn-zero-day-flaws/
A link to that story has been posted here before (by mike tancsa, last
Friday), and our response still holds...
Upgrade to 2.5.10 or 2.6.10 if you happen to be on Windows *and* use
plugins, *and* put them in a path where an untrusted other user could
modify them. If you are not using plugins, or they are in a non-writeable
path, upgrading is still a good idea (we always fix bugs), but there are
no attack angles open.
Also, calling these "Zero-Day" is more "fishing for sensations" than
honest, since we've fixed these 4 CVEs weeks ago...
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
