[SECURITY] [DSA 6289-1] openvpn security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6289-1] openvpn security update
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 21 May 2026 20:38:40 +0000
Message-id: <[🔎] ag9tUAkK3pebJ6XZ@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6289-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
May 21, 2026                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : openvpn
CVE ID         : CVE-2026-35058 CVE-2026-40215

Two security vulnerabilities were discovered in OpenVPN, which could
result in denial of service or a leak of packet data from a previous
handshake.

For the oldstable distribution (bookworm), these problems have been fixed
in version 2.6.14-0+deb12u1.

For the stable distribution (trixie), these problems have been fixed in
version 2.6.14-1+deb13u2.

We recommend that you upgrade your openvpn packages.

For the detailed security status of openvpn please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openvpn

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmoPbPgACgkQEMKTtsN8
TjY1zg//ZMggK3HLwQcdFDd0KbEgLJa/Fcsa8K59kNIy3yGK/Ri5wB//Ixki7DUn
OaDc8mTjDcemXVm94Lhq0D/T2gHvRrwiNqhBITU/tpdeAx6FZSmRN0lO98a5Oq7a
831xJPxjAfKr7KWVFeVQnpEqZRJHY4f6tm13oQ0sTPjpQQ4h2wtBmiRiXtzDhAPd
qebTRwPzjjG948qzuTFC5/FRJiRqfB6NB8zw1iaxtRqBFapCFMb9C7/Vt3FIjgio
J3aBjv3tUPGamaDReRRtNWksTdF/iepbxC8sl7IJsDvBagl5R5n1aaVUXKE3oJjR
JTJGajk8zTQoeEN20UdcwkIIkbWdow0uYhzqUzfDvfuf2i7ujxVS4lZNNDYb45ft
wznBuw3grQR5jDa1z90LWdyqyN2VDCrxcXNnYqqhGYN2rQms18HlkigQ4A6Nm9gr
Afeo1/GM7+LZjJjbIiKAO+GtB0xvhd2VdzKhIkonPiXAj7gc7gEhuUYxdrXbdGuq
cSldtbkeCcxInu4sWcnW1A8TnkRihP0x6XpeaNUsf883weYKXVXKN/cGhHcFrD6j
INYXjQ1wdvirP/zSSir+TyiwLD/0GTPXpC3ksGHl+JFvz/cMUe9oHKIg3hVarf7e
hyZwN5+9KF9qRpQ1Sov5Bn7kdHjKe/UdaiXZ/Ihq7RifnVuYo1M=
=+gwC
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6288-1] thunderbird security update
Next by Date: [SECURITY] [DSA 6290-1] nss security update
Previous by thread: [SECURITY] [DSA 6288-1] thunderbird security update
Next by thread: [SECURITY] [DSA 6290-1] nss security update
Index(es):
- Date
- Thread