'learn-address /usr/local/sbin/learn-address' configuration does not include a necessary 'script-security 2' directive
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
OpenVPN Server Charm | Confirmed | Undecided | Unassigned | |
Bug Description
Without specifying a less strict "script-security", configurations that have the 'learn-address /usr/local/
ovpn-tcp[47061]: user/1.2.3.4:42114 WARNING: External program may not be called unless '--script-security 2' or higher is enabled. See --help text or man page for detailed info.
ovpn-tcp[47061]: user/1.2.3.4:42114 WARNING: Failed running command (--learn-address): external program fork failed
ovpn-tcp[47061]: user/1.2.3.4:42114 WARNING: Failed running command (--learn-address): external program fork failed
From the OpenVPN man page for --learn-address:
On "add" or "update" methods, if the script returns a failure code (non-zero), OpenVPN will reject the address and will not modify its internal routing table.
This will exhibit behavior where clients are able to establish a successful connection with the server, but unable to reach anything through the tunnel.
Changed in openvpn-server-charm:
status: New → Confirmed
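A pre-deployment check for the misconfiguration reported above, added here as an example (it is not code from the charm or from OpenVPN): it scans a rendered server config for script hooks such as learn-address and reports the ones OpenVPN would refuse to run because the effective script-security level is below 2. The function names and the sample config are constructed for illustration; the hook list is limited to the standard OpenVPN script options, and the level is assumed to default to 1 when the directive is absent.

```python
import shlex

# OpenVPN options that execute a user-defined script or program.
SCRIPT_HOOKS = {
    "up", "down", "ipchange", "route-up", "route-pre-down",
    "client-connect", "client-disconnect", "learn-address",
    "auth-user-pass-verify", "tls-verify",
}
DEFAULT_SCRIPT_SECURITY = 1  # assumed default: built-in executables only


def parse_directives(config_text):
    """Yield (line_no, option, args) for each directive in a config."""
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;":  # both comment styles
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            yield line_no, tokens[0].lstrip("-"), tokens[1:]


def find_blocked_hooks(config_text):
    """Return [(line_no, option)] for hooks that would fail to run."""
    level = DEFAULT_SCRIPT_SECURITY
    hooks = []
    for line_no, option, args in parse_directives(config_text):
        if option == "script-security" and args and args[0].isdigit():
            level = int(args[0])  # the last value in the file wins
        elif option in SCRIPT_HOOKS:
            hooks.append((line_no, option))
    return hooks if level < 2 else []


# Constructed sample configs: the reported state and the corrected one.
BROKEN = """\
port 1194
proto tcp
dev tun
learn-address /usr/local/sbin/learn-address
"""
FIXED = BROKEN + "script-security 2\n"

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        for line_no, option in find_blocked_hooks(cfg):
            print(f"{name}: line {line_no}: '{option}' needs script-security 2")
```

Run against the rendered config in CI or a charm hook, a non-empty result flags the state in which clients connect but no traffic is routed through the tunnel.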