kumasulidwa kwa phukusi lopangira ma network achinsinsi . Mu Baibulo latsopano vulnerability (CVE-2020-11810) yomwe imalola gawo la kasitomala kusamutsidwa ku adilesi yatsopano ya IP yomwe sinaloledwe kale. Vuto likhoza kugwiritsidwa ntchito kasitomala watsopano wolumikizidwa pa siteji pomwe peer-id yakhazikitsidwa kale, koma kukambirana kwa makiyi agawo sikunathe (makasitomala mmodzi akhoza kuyimitsa magawo a makasitomala ena).
Zosintha zina ndi izi:
- Pa nsanja ya Windows, amaloledwa kugwiritsa ntchito zingwe zofufuzira za unicode mu "-cryptoapicert" njira;
- Kuwonetsetsa kuti ziphaso zomwe zidatha ntchito zimaperekedwa mu sitolo ya satifiketi ya Windows;
- Vuto lakulephera kukweza ma CRL angapo (Mndandanda Wochotsa Ziphaso) zomwe zili mufayilo imodzi mukamagwiritsa ntchito njira ya "--crl-verify" pamakina okhala ndi OpenSSL lathetsedwa;
- Mukamagwiritsa ntchito njira "-auth-user-pass file", ngati pali dzina lolowera mufayilo, kuti mufunse mawu achinsinsi, mawonekedwe owongolera zidziwitso tsopano akufunika (kupempha mawu achinsinsi pogwiritsa ntchito OpenVPN kudzera mwachangu mu console. sikuthekanso);
- Lamulo loyang'ana mautumiki ogwiritsira ntchito asinthidwa (mu Windows, malo osinthika amafufuzidwa koyamba, ndiyeno pempho limatumizidwa kwa wolamulira);
- Konzani zovuta pakumanga papulatifomu ya FreeBSD mukamagwiritsa ntchito mbendera ya "-enable-async-push".
Source: opennet.ru