Package: openvpn Version: 2.6.3-1+deb12u3 Severity: normal In https://salsa.debian.org/security-tracker-team/security-tracker/-/merge_requests/241 Carlos Henrique Lima Melara discovered that the fix for CVE-2024-5594 introduced a regression concerning trailing \r and \n messages in the OpenVPN control channel. This happens easily.
https://github.com/OpenVPN/openvpn/issues/568 This was fixed in 2.6.12 in https://github.com/flichtenheld/openvpn/commit/9ce76b0ded2bae167372e7eb09d25e5369e5f795
