| 1 | = Introduction = |
| 2 | |
| 3 | This page lists all security announcements made by the OpenVPN project. |
| 4 | |
| 5 | = Announcements = |
| 6 | |
| 7 | * [wiki:SecurityAnnouncement-f375aa67cc Security announcement: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt] (Mar 2013) |
| 8 | * [wiki:TLSTripleHandshakeVulnerabilityAndOpenVPN TLS Triple Handshake Vulnerability and OpenVPN] (Mar 2013) |
| 9 | * [wiki:heartbleed OpenSSL 'Heartbleed' vulnerability and OpenVPN] (Apr 2014) |
| 10 | * [wiki:CCSInjection OpenSSL CCS Injection Vulnerability (CVE-2014-0224) and OpenVPN] (Jun 2014) |
| 11 | * [wiki:SecurityAnnouncement-97597e732b Security announcement: critical denial of service vulnerability] (Nov 2014) |
| 12 | * [wiki:VulnerabilitiesFixedInOpenSSL1.0.1i Vulnerabilities fixed in OpenSSL 1.0.1i] |
| 13 | * [wiki:VulnerabilitiesFixedInOpenSSL1.0.1j Vulnerabilities fixed in OpenSSL 1.0.1j] |
| 14 | * [wiki:SecurityAnnouncement-FREAK Security announcement: The FREAK vulnerability] |
| 15 | * [wiki:VulnerabilitiesFixedInOpenSSL1.0.1m Vulnerabilities fixed in OpenSSL 1.0.1m] |
| 16 | |