A software audit has reveal several vulnerabilities in OpenVPN 2.4 including a Critical DOS issue.
https://ostif.org/the-openvpn-2-4-0-audit-by-ostif-and-quarkslab-results/
These problems are fixed in version 2.4.2 and Turris should update to it promptly.
Bill
I was able to add this package from LEDE https://downloads.lede-project.org/releases/packages-17.01/arm_cortex-a9_vfpv3/base/ by adding architecture “arm_cortex-a9_vfpv3” to opkg. I added these lines to /etc/opkg.conf:
arch all 1
arch noarch 1
arch mvebu 10
arch arm_cortex-a9_vfpv3 20