wiki:SecurityAnnouncements

Context Navigation

Version 5 (modified by David Sommerseth, 9 years ago) (diff)
Added CVE-2014-8104 and moved it up so the date sort is correct

Introduction

This page lists all security announcements made by the OpenVPN project.

Announcements

Vulnerabilities fixed in OpenSSL 1.0.1m (Mar 2015)
Security announcement: The FREAK vulnerability (Mar 2015)
Security announcement: critical denial of service vulnerability (CVE-2014-8104) (Nov 2014)
Vulnerabilities fixed in OpenSSL 1.0.1j (Oct 2014)
Vulnerabilities fixed in OpenSSL 1.0.1i (Aug 2014)
OpenSSL CCS Injection Vulnerability (CVE-2014-0224) and OpenVPN (Jun 2014)
OpenSSL 'Heartbleed' vulnerability and OpenVPN (Apr 2014)
TLS Triple Handshake Vulnerability and OpenVPN (Mar 2013)
Security announcement: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt (CVE-2013-2061) (Mar 2013)

Download in other formats:

Plain Text