Package openvpn: Information

    Source package: openvpn
    Version: 2.6.15-alt1
    Build time:  Nov 12, 2025, 10:38 PM
    Category: System/Servers
    Report package bug
    Home page: http://www.openvpn.net
    License: GPLv2 with openvpn-openssl-exception
    Summary: a full-featured SSL VPN solution
    Description: 
    OpenVPN is a full-featured SSL VPN solution which can accomodate
a wide range  of configurations,  including road warrior access,
home/office/campus  telecommuting,  WiFi security, secure branch
office  linking,  and enterprise-scale  remote access  solutions
with load balancing, failover, and fine-grained access-controls.
    List of RPM packages built from this SRPM:
    openvpn (e2kv6, e2kv5, e2kv4, e2k)
    openvpn-debuginfo (e2kv6, e2kv5, e2kv4, e2k)
    openvpn-devel (noarch)
    openvpn-docs (noarch)
    openvpn-plugins (e2kv6, e2kv5, e2kv4, e2k)
    openvpn-plugins-debuginfo (e2kv6, e2kv5, e2kv4, e2k)
    Maintainer: Nikolay A. Fetisov
    List of contributors:
    Nikolay A. Fetisov
    Gleb Fotengauer-Malinovskiy
    qa-robot
      1. cmake
      2. git-core
      3. glibc-devel-static
      4. iproute2
      5. libcap-ng-devel
      6. liblz4-devel
      7. liblzo2-devel
      8. libpam-devel
      9. libpkcs11-helper-devel
      10. libselinux-devel
      11. libsystemd-devel
      12. net-tools
      13. python3-module-docutils
      14. rpm-build-licenses
      15. time

    Last changed

    Nov. 5, 2025 Nikolay A. Fetisov 2.6.15-alt1
    - New version
- Fixes:
  + CVE-2025-2704: possible ASSERT() on OpenVPN servers using --tls-crypt-v2
  + Improve server-side handling of clients sending too long usernames/passwords
  + Bring back configuring of broadcast address on Linux tun/tap interface
  + Linux DCO: repair source IP selection for --multihome
  + Correctly handle case of "route installation fails" for an already-existing
    routes
- Fix format of the OpenSSL license exception in License tag
    Aug. 1, 2024 Nikolay A. Fetisov 2.6.12-alt1
    - New version
- Fixes:
  + CVE-2024-5594: filter control channel messages with nonprintable chars
  + CVE-2024-28882: only call schedule_exit() once (on a given peer)
  + CVE-2024-4877: Windows: harden interactive service pipe
  + Fix bug preventing Http-proxy credentials caching
    March 27, 2024 Nikolay A. Fetisov 2.6.10-alt1
    - New version
- Fixes (all CVE are Windows-specific):
  + CVE-2024-27459: Windows: fix a possible stack overflow
  + CVE-2024-24974: Windows: disallow remote access to the service pipe
  + CVE-2024-27903: Windows: disallow loading of plugins from untrusted dirs
  + CVE-2023-7235: Windows: local privilege escalation via Windows Installer
    VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
    Version: v25.10.0
    Back to top