Ubuntu
openvpn package

openvpn old security problems (Breezy)

Bug #45827 reported by Sean Cassidy
6
Affects Status Importance Assigned to Milestone
openvpn (Ubuntu)
Fix Released
Medium
Unassigned
Hoary
Invalid
Medium
Daniel T Chen
Breezy
Invalid
Medium
Daniel T Chen

Bug Description

Binary package hint: openvpn

In Breezy, openvpn is version 2.0.2, which was built on August 31st of 2005. There are several severe vulnerabilities client and server side since then. An upgrade is most definitely required. This is public because the security problems are old.

http://openvpn.net/changelog.html
http://packages.ubuntu.com/breezy/net/openvpn

Revision history for this message
Emmet Hikory (persia) wrote :

Fixed in dapper with 2.0.6-1 (and earlier).

Changed in openvpn:
status: Unconfirmed → Fix Released
Revision history for this message
Sean Cassidy (slamsean) wrote :

I emailed Alberto Iniesta, the person listed as the package maintainer for openvpn, and he tells me he is not the maintainer for Ubuntu, but for Debian. Firstly, this is a mistake that must be corrected, and secondly, this old package is a major problem that must be taken seriously. What can we do?

Daniel T Chen (crimsun)
Changed in openvpn:
assignee: nobody → crimsun
status: Unconfirmed → In Progress
assignee: nobody → crimsun
status: Unconfirmed → In Progress
Revision history for this message
William Grant (wgrant) wrote :

Hoary has gone unsupported, so I'm rejecting this task.

Changed in openvpn:
status: In Progress → Rejected
Revision history for this message
Marco Rodrigues (gothicx) wrote :

Breezy support is over.. Today it's Breezy End Of Life!

Changed in openvpn:
status: In Progress → Rejected
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.