Launchpad.net

CVE 2020-15078

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.

Related bugs and status

CVE-2020-15078 (Candidate) is related to these bugs:

Bug #1868127: [SRU] OpenVPN will not reload due to misconfigured .service file

		In	Importance	Status
1868127	[SRU] OpenVPN will not reload due to misconfigured .service file	openvpn (Ubuntu)	Medium	Fix Released
1868127	[SRU] OpenVPN will not reload due to misconfigured .service file	openvpn (Ubuntu Focal)	Medium	Fix Released
1868127	[SRU] OpenVPN will not reload due to misconfigured .service file	openvpn (Ubuntu Bionic)	Medium	Fix Released
1868127	[SRU] OpenVPN will not reload due to misconfigured .service file	openvpn (Ubuntu Eoan)	Medium	Fix Released

Bug #2004676: MRE Updates 2.5.9 / 2.4.12

		In	Importance	Status
2004676	MRE Updates 2.5.9 / 2.4.12	openvpn (Ubuntu)	Undecided	Fix Released
2004676	MRE Updates 2.5.9 / 2.4.12	openvpn (Ubuntu Focal)	Undecided	Fix Released
2004676	MRE Updates 2.5.9 / 2.4.12	openvpn (Ubuntu Jammy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-15078

Related bugs and status

Related bugs

References