2.0.10

DATE	CVE	VULNERABILITY TITLE	RISK
2013-11-18	CVE-2013-2061	Information Exposure vulnerability in multiple products The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher. network high complexity openvpn opensuse CWE-200	2.6