
[CVE-2017-5868] OpenVPN Access Server: CRLF Injection with Session Fixation - zspitzer
http://seclists.org/oss-sec/2017/q2/332
======
BillinghamJ
Looks like they were informed in Jan, but then just decided to not bother
fixing it? :s

