Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN 2.4.2

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NitrobeastN Offline
      Nitrobeast
      last edited by

      Do you all know if OpenVPN is or going to be updated to 2.4.2 to support the recent vulnerabilities that were published everywhere?

      https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24

      OpenVPN 2.4.2

      https://www.rapid7.com/db/vulnerabilities/freebsd-cve-2017-7479

      CVE-2017-7478
      CVE-2017-7479

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        pfSense 2.4 has OpenVPN 2.4.2 in current snapshots
        pfSense 2.3.4 has 2.3.14, we're going to get that updated to 2.3.15 but haven't yet decided on what type of update we'll push out for that.

        The OpenVPN client export package currently has both OpenVPN 2.4.2 and 2.3.15 windows installers.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • M Offline
          msanangelo
          last edited by

          Is there any way we can get manual updates to vulnerable packages or are we just expected to wait for the next major/minor release? For a system that sits on the front lines of a LAN, I really would prefer that it's as secure as possible. According to 'pkg audit', I have 4 packages that need patched in pfsense v2.3.4.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.