Hi, On Tue, Apr 21, 2020 at 08:37:35PM +0200, Gert Doering wrote: > On Tue, Apr 21, 2020 at 02:15:43PM -0400, mike tancsa wrote: > > Will the sec issue with OpenSSL force a new release of OpenVPN ? > > > > https://www.openssl.org/news/secadv/20200421.txt
So, speaking to myself again :-) - I've looked at the advisory, and
it talks about "Server or client applications that call the
SSL_check_chain() function".
Which we don't, I just grepped through our source tree.
So, unless I misunderstand something about OpenSSL intricacies, I think
we're safe - no new installers needed, and OpenVPN is not in risk.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
