I am writing in response to the CVE-2024-38520 advisory and the recent notification regarding the SoftEther VPN instances running on EC2 resources. I intend to upgrade SoftEther VPN to version 5.02.5185 to address the security vulnerabilities related to L2TP.
Could you kindly provide the latest SoftEther VPN version 5.02.5185 for the Amazon Linux AMI repository? Despite So much research I could not find a way to softether linux packages to install in the amazon linux 2023 server. I tried using source code github but facing errors
https://github.com/SoftEtherVPN/SoftEtherVPN/releases/tag/5.02.5185
Even the softether website is not updated with the latest softethervpn 5.02.5185 version. It is showing the 4.43 Version is the latest. I have found through the Github but are not suitable for Amazon Linux AMI to upgrade the softether vpn version. Kindly provide the solution
Require the latest softethervpn 5.02.5185 version for Linux
-
- Posts: 1
- Joined: Thu Sep 05, 2024 11:20 am
-
- Posts: 1
- Joined: Fri Sep 06, 2024 1:32 pm
Re: Require the latest softethervpn 5.02.5185 version for Linux
Hello.
I dont have solution for your question, but i have research same problem and collect some information.
First of all, version 5.x are from development/experimental project. Releases of it project are available only in githab in project SoftEtherVPN/SoftEtherVPN
Version 4.x are for stable project. Releases of it are available in github in project SoftEtherVPN/SoftEtherVPN_Stable and on website.
I prefer not to switch from stable to experimental.
But i am not sure that 4.x version is not affected by this CVE.
All my tests with scapy proof of concept are fail for now.
I dont have solution for your question, but i have research same problem and collect some information.
First of all, version 5.x are from development/experimental project. Releases of it project are available only in githab in project SoftEtherVPN/SoftEtherVPN
Version 4.x are for stable project. Releases of it are available in github in project SoftEtherVPN/SoftEtherVPN_Stable and on website.
I prefer not to switch from stable to experimental.
But i am not sure that 4.x version is not affected by this CVE.
All my tests with scapy proof of concept are fail for now.