Debian Security Advisory DSA 3084-1 (openvpn - security update)

Summary
Dragana Damjanovic discovered that an authenticated client could crash an OpenVPN server by sending a control packe containing less than four bytes as payload.
Solution
For the stable distribution (wheezy), this problem has been fixed in version 2.2.1-8+deb7u3. For the unstable distribution (sid), this problem has been fixed in version 2.3.4-5. We recommend that you upgrade your openvpn packages.
Insight
OpenVPN is an application to securely tunnel IP networks over a single UDP or TCP port. It can be used to access remote sites, make secure point-to-point connections, enhance wireless security, etc.
Affected
openvpn on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References