The status of this bug is invalid, because we will not downgrade default
security level to the one that allows broken crypto to be used by
default. And instructions on how to self-compromise systems are
available and are currently known to work.
--
You received this bug notification because you
I'm not quite sure about the attempts written in the description of the
bug, as they do not look like correct instructions to downgrade openssl
to Seclevel 0.
If you are looking for instuctions on how to make your systems insecure
and allow using weak keys, broken certificates and obsolete
With openssl 1.1.1f-1ubuntu1 Qvpn from Qnap works again, so this bug can
be closed IMHO.
Neverthertheless I would prefer companies/producers of VPN solutions fix
and update their signatures (shouldn't be a rocket-science).
In my company I stay with PiVPN (instead of QVNP) seems more secure,
Same issue here with vpnbook
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1866611
Title:
OpenVPN w. SHA1 signed CA broken after upgrade to 1.1.1d-2ubuntu6
Status in
Here is a solution
https://forums.openvpn.net/viewtopic.php?t=23979#p79185
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1866611
Title:
OpenVPN w. SHA1 signed CA broken
I have the same issue with SecurityKISS VPN.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1866611
Title:
OpenVPN w. SHA1 signed CA broken after upgrade to
As a quick addition for the QVPN app on a Qnap NAS in our network I just
installed a Raspberry 3 with PiVpn (pivpn.io) configured for OpenVPN, as
I'm in doubt Qnap will release an updated QVpn just in Time ...
Works like a charm and installation is super easy. With at least one
connection it
** Tags added: focal
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1866611
Title:
OpenVPN w. SHA1 signed CA broken after upgrade to 1.1.1d-2ubuntu6
Status in openssl
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: openssl (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
This seems to have been caused by the patch 0180-Stop-accepting-
certificates-signed-using-SHA1-at-sec.patch.
I've re-built 1.1.1c-1ubuntu4 (apt source openssl; cd openssl1.1.1c;
dpkg-buildpackage --no-sign; sudo apt install ../libssl1.1_1.1.1c-
1ubuntu4_amd64.deb), which makes my VPN work again.
10 matches
Mail list logo
