Hi, On Sun, Apr 20, 2014 at 09:07:37PM -0700, fausto milinazzo wrote: > I am also not certain why it is necessary to upgrade the windows client.
Because the windows installers 2.3.2-I001 to 2.3.2-I003 were built with
a vulnerable OpenSSL library, and since heartbleed works both ways, if
you have a malicious server (or someone who manages to get your clients
talk to his server, by routing / DNS / MITM attacks), the attack can also
be used to extract information from the clients.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpPD9G2S25Mp.pgp
Description: PGP signature
------------------------------------------------------------------------------ Start Your Social Network Today - Download eXo Platform Build your Enterprise Intranet with eXo Platform Software Java Based Open Source Intranet - Social, Extensible, Cloud Ready Get Started Now And Turn Your Intranet Into A Collaboration Platform http://p.sf.net/sfu/ExoPlatform
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
