June 21, 2017 Nikolay A. Fetisov 2.4.3-alt1
- New version
- Security fixes:
+ CVE-2017-7522 Post-authentication --x509-track remote DoS
+ CVE-2017-7521 Post-authentication remote-triggerable memory leaks
+ CVE-2017-7521 Potential post-authentication remote code execution
on servers that use the --x509-username-field option
+ CVE-2017-7520 Pre-authentication remote crash / information disclosure
for clients
+ CVE-2017-7508 Remotely-triggerable ASSERT() on malformed IPv6 packet
- Force to use built-in PIN prompt with PKCS11 regardless
of systemd presence (OpenVPN bug 538)