On Monday, May 13th, 2024 at 9:08 PM, Gert Doering <g...@greenie.muc.de> wrote:
> Hi, > > On Mon, May 13, 2024 at 12:59:06PM +0000, Turritopsis Dohrnii Teo En Ming via > Openvpn-users wrote: > > > Subject: Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints > > Across the Globe > > > > Good day from Singapore, > > > > I have just read this article and I would like to share it with all of you > > here. > > > > Article: Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints > > Across the Globe > > Link: https://cybersecuritynews.com/openvpn-zero-day-flaws/ > > > A link to that story has been posted here before (by mike tancsa, last > Friday), and our response still holds... > > Upgrade to 2.5.10 or 2.6.10 if you happen to be on Windows and use > plugins, and put them in a path where an untrusted other user could > modify them. If you are not using plugins, or they are in a non-writeable > path, upgrading is still a good idea (we always fix bugs), but there are > no attack angles open. > > Also, calling these "Zero-Day" is more "fishing for sensations" than > honest, since we've fixed these 4 CVEs weeks ago... > > gert > Noted with thanks. Regards, Mr. Turritopsis Dohrnii Teo En Ming Targeted Individual in Singapore _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
