Log Message:
openvpn: updated to 2.5.2

The OpenVPN community project team is proud to release OpenVPN 2.5.2. It fixes \ 
two related security vulnerabilities (CVE-2020-15078) which under very specific \ 
circumstances allow tricking a server using delayed authentication (plugin or \ 
management) into returning a PUSH_REPLY before the AUTH_FAILED message, which \ 
can possibly be used to gather information about a VPN setup. In combination \ 
with “–auth-gen-token” or a user-specific token auth solution it can be \ 
possible to get access to a VPN with an otherwise-invalid account. OpenVPN 2.5.2 \ 
also includes other bug fixes and improvements. Updated OpenSSL and OpenVPN GUI \ 
are included in Windows installers.