Hi Gert,
Serious misunderstanding here: you do NOT need to update OpenVPN per se to
be secure from Heartbleed. To the contrary, if you just update OpenVPN to
2.3.4, and leave OpenSSL at a vulnerable version, OpenVPN will
*still* be vulnerable.
2.3.3 and 2.3.4 releases contain useful
On Fri, Aug 01, 2014 at 11:27:26AM +0200, Lisa Minogue wrote:
A few days ago I asked about Debian's old version on this mailing list
as I thought some of you guys might know why Debian has not upgraded
its package. I was just being curious.
Did you see me answering?
Greetings
Marc
--
people in both OpenBSD and Debian usually (always?) do what they think is right.
probably, you will get more luck if you ask them directly why do they do so.
I didn't mention they ever asked an advice here. So, nobody here knows
why do they do so.
Can you please explain why are you asking here ?
On Tue, Jul 29, 2014 at 11:10:01PM +0200, Lisa Minogue wrote:
One of my friends has just pointed out to me that on Debian Wheezy
backports and Jessie, OpenVPN's version still stands at 2.3.2.
Debian Wheezy Backports pulls from Debian Jessie (as soon as someone
finds time to manually do it);
Hi guys,
One of my friends has just pointed out to me that on Debian Wheezy backports
and Jessie, OpenVPN's version still stands at 2.3.2.
The version available for OpenBSD 5.5 and 5.6 (to be released in November 2014)
is also 2.3.2.
What's happening at both Debian and OpenBSD?
Regards.
- Original Message -
From: Lisa Minogue lmino...@mail.be
To: openvpn-users@lists.sourceforge.net
Sent: Tuesday, 29 July, 2014 11:10:01 PM
Subject: [Openvpn-users] OpenVPN for Debian Wheezy (backports) and Jessie is
still at 2.3.2!!
Hi guys,
One of my friends has just pointed