On October 14th 2014, Google released a SSLv3 vulnerability called 'Poodle':

The vulnerability allows an attacker to obtain the plaintext of connections secures with SSLv3.

For a more in-depth discussion check:

Is OpenVPN affected?

No. OpenVPN 2.x never supported SSLv3 or SSLv3 fallback. OpenVPN has always been strictly TLS 1.0 or TLS 1.0+.

Last modified 6 years ago Last modified on 10/15/14 08:04:29