Update for OpenVPN?

David B · 23. Juni 2017

How does the OMV plugin for OpenVPN handle OpenVPN updates? My reason for asking, as some of you probably know, has to do with this.

subzero79 · 23. Juni 2017

@David B Honestly you been here a long time, and you help others too so you know your way around. All the time you have spent here in the forum and using the omv you should know exactly where to look (github omv-extras and your own server if you use openvpn)

A simple apt-cache shows we use the official debian package (jessie or wheezy depending on the release), so just typing in google "CVE-2017-7521 debian" will lead you here

https://security-tracker.debian.org/tracker/CVE-2017-7521

Then the mailing list
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865480

Bottom line, we have to wait for debian to push the package update, take into consideration this was reported few days ago. Take a look on the openvpn website and they provide debian packages, probably with the latest and patched if you feel unsecure.

David B · 23. Juni 2017

Zitat von subzero79

@David B Honestly you been here a long time, and you help others too so you know your way around. All the time you have spent here in the forum and using the omv you should know exactly where to look (github omv-extras and your own server if you use openvpn)

Yeah, I know. I should have known where to look but I wasn't really thinking when I posted that. I was in a hurry at the time so I just slapped a quick post on here and moved on. Thanks for the answer though!

Jetzt mitmachen!