This update brings in the latest OpenVPN v2.4.2 release. This release contains fixes for two authenticated remote DoS vulnerabilities (CVE-2017-7478 and CVE-2017-7479). For more information see the upstream security announcement.
This build also switches back to OpenSSL 1.0, using compat-openssl10 and compat-openssl10-pkcs11-helper. This is temporarily until full OpenSSL 1.1 support have arrived OpenVPN. This should also resolve a lot of issues with features missing or not working properly with mbed TLS.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2017-89d98779ec
Please login to add feedback.