Browse code
Version 2.1_rc9
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3155 e7ae566f-a301-0410-adde-c780ea21d3b5
james authored on 2008/08/01 15:50:39Showing 1 changed files
| ... | ... |
@@ -5,7 +5,7 @@ $Id$ |
| 5 | 5 |
|
| 6 | 6 |
2008.07.31 -- Version 2.1_rc9 |
| 7 | 7 |
|
| 8 |
-* Security Vulnerability -- affects non-Windows OpenVPN clients running |
|
| 8 |
+* Security Fix -- affects non-Windows OpenVPN clients running |
|
| 9 | 9 |
OpenVPN 2.1-beta14 through 2.1-rc8 (OpenVPN 2.0.x clients are NOT |
| 10 | 10 |
vulnerable nor are any versions of the OpenVPN server vulnerable). |
| 11 | 11 |
An OpenVPN client connecting to a malicious or compromised |
| ... | ... |
@@ -14,7 +14,7 @@ $Id$ |
| 14 | 14 |
the client. A successful attack requires that (a) the client has agreed |
| 15 | 15 |
to allow the server to push configuration directives to it by including |
| 16 | 16 |
"pull" or the macro "client" in its configuration file, (b) the client |
| 17 |
- succesfully authenticates the server, (c) the server is malicious or has |
|
| 17 |
+ successfully authenticates the server, (c) the server is malicious or has |
|
| 18 | 18 |
been compromised and is under the control of the attacker, and (d) the |
| 19 | 19 |
client is running a non-Windows OS. Credit: David Wagner. |
| 20 | 20 |
|