James Yonan wrote:
2006.04.05 -- Version 2.1-beta12
* Security Vulnerability -- An OpenVPN client connecting to a
malicious or compromised server could potentially receive
"setenv" configuration directives from the server which could
cause arbitrary code execution on the client via a LD_PRELOAD
This vulnerability has been assigned the name CVE-2006-1629.