sixitaan sax ah oo xirmo ah oo loogu talagalay abuurista shabakado gaar loo leeyahay . In nooca cusub nuglaanta (CVE-2020-11810) taas oo u ogolaanaysa fadhiga macmiilka in lagu wareejiyo ciwaanka IP-ga cusub ee aan hore loo ogolayn. Dhibaatada waxaa loo isticmaali karaa macmiilka cusub ee ku xidhan marxaladda marka asaagga-id mar hore la sameeyay, laakiin gorgortanka furayaasha fadhiga lama dhammaystirin (hal macmiil ayaa joojin kara fadhiyada macaamiisha kale).
Isbedelada kale waxaa ka mid ah:
- Goobta Windows-ka, waxaa loo oggol yahay in lagu isticmaalo xargaha raadinta unicode ee xulashada "-cryptoapicert";
- Waxay xaqiijisaa in shahaadooyinka dhacay loo gudbiyay dukaanka shahaadada Windows;
- Dhibaatada awood la'aanta in lagu shubo dhowr CRLs (Liiska Dib-u-noqoshada Shahaadada) ee ku yaal hal fayl marka la isticmaalayo "--crl-verify" ikhtiyaarka nidaamyada leh OpenSSL waa la xalliyey;
- Markaad isticmaalayso ikhtiyaarka "-auth-user-pass file", haddii uu jiro magaca isticmaale kaliya ee faylka, si aad u codsato erayga sirta ah, interface-ka maaraynta aqoonsiga ayaa hadda loo baahan yahay (codsiga erayga sirta ah iyadoo la adeegsanayo OpenVPN iyada oo loo marayo isla markiiba console-ka hadda suurtogal ma aha;
- Nidaamka hubinta adeegyada isdhexgalka ee isticmaalaha waa la bedelay (Windows, goobta qaabeynta ayaa marka hore la hubiyaa, ka dibna codsi ayaa loo diraa maamulaha domain);
- Dhibaatooyin go'an oo ku saabsan dhismaha goobta FreeBSD marka la isticmaalayo calanka "--enable-async-push".
Source: opennet.ru