Changes between Version 2 and Version 3 of SecurityAnnouncement-FREAK


Ignore:
Timestamp:
03/05/15 13:11:38 (9 years ago)
Author:
Samuli Seppänen
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • SecurityAnnouncement-FREAK

    v2 v3  
    1 The OpenSSL versions bundled in official ''Windows installers'' prior to 2.3.6-I002/I602 of OpenVPN are vulnerable to [https://www.smacktls.com/ FREAK]. OpenVPN users on *NIX typically get an updated OpenSSL version through their package management system and do not need to update OpenVPN.
     1The OpenSSL versions bundled in official OpenVPN ''Windows installers'' prior to 2.3.6-I002/I602 are vulnerable to [https://www.smacktls.com/ FREAK]. All users of the official OpenVPN Windows installers are encouraged to upgrade their OpenVPN installations or to take other measures (see below) to mitigate the attacks. OpenVPN users on *NIX typically get an updated OpenSSL version through their package management system and do not need to update OpenVPN.
    22
    33Fortunately the vulnerability's impact on OpenVPN is fairly small: