This bug was fixed in the package openvpn - 2.6.14-0ubuntu0.25.04.1
---------------
openvpn (2.6.14-0ubuntu0.25.04.1) plucky; urgency=medium
* New upstream version 2.6.14 (LP: #2040467):
- CVE Fixes:
+ CVE-2025-2704
- Bug Fixes:
+ Repair source IP selection for --multihome.
+ Allow tls-crypt-v2 to be setup only on initial packet of a session.
- See https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn26 for
additional bug fixes and information.
* Remove patches fixed upstream:
- d/p/CVE-2025-2704.patch
[Fixed in 2.6.14]
-- Lena Voytek <[email protected]> Thu, 29 May 2025 16:57:16
-0400
** Changed in: openvpn (Ubuntu Plucky)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2025-2704
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2040467
Title:
Backport upstream microreleases for questing cycle
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openvpn/+bug/2040467/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
