Hi there,

OpenVPN released version 2.4.2 and also 2.3.15 which come with two high profile fixes addressing CVE-2017-7479 and CVE-2017-7478. While we still aim for OpenVPN 2.4 adoption during the 17.1 series, we have deferred updating the release version from 2.3 to 2.4 at this point to be able to respond more quickly.

Here are the full patch notes:


Stay safe,
Your OPNsense team