Context Navigation

Changes between Version 3 and Version 4 of VulnerabilitiesFixedInOpenSSL1.0.1i

-                      v3
+                      v4
 ||DTLS memory leak from zero-length fragments||CVE-2014-3507||No. OpenVPN does not use DTLS.||
 ||OpenSSL DTLS anonymous EC(DH) denial of service||CVE-2014-3510||No. OpenVPN does not use DTLS.||
 ||OpenSSL TLS protocol downgrade attack||CVE-2014-3511||No. OpenVPN already defaults to TLS 1.0.||
+||OpenSSL TLS protocol downgrade attack||CVE-2014-3511||No. OpenVPN already defaults to TLS 1.0 [2].||
 ||SRP buffer overrun||CVE-2014-3512||No. OpenVPN does not use SRP.||
 [1] This one triggers direct vulnerability in OpenVPN. Stack information is not leaked to the peer. It might be possible that the leaked information is passed on to a client script / plugin (not sure what form the leaked information has, if it's the leaked information is after a NUL-byte, it's probably not exported). Such a plugin/script could then leak the information to the attacker.
+[2] If you are using OpenVPN 2.3.3 or OpenVPN 2.3.4 and have enabled newer TLS versions by using option tls-version-min in your configuration, your configuration is vulnerable to the protocol downgrade attack. However, it will still be as least as secure as a setup without tls-version-min in its configuration.