25 | | All OpenVPN Windows client installers are shipped with OpenSSL. However, only installer versions ''2.3-rc2-I001'' through ''2.3.2-I003'' ship a vulnerable version. Installer version ''2.3.2-I004'' fixes this vulnerability by bundling OpenSSL 1.0.1g. New binaries are available on http://openvpn.net/index.php/open-source/downloads.html . |
| 25 | All OpenVPN Windows client installers are shipped with OpenSSL. However, only installer versions ''2.3-rc2-I001'' through ''2.3.2-I003'' ship a vulnerable version. Installer version ''2.3.2-I004'' fixes this vulnerability by bundling OpenSSL 1.0.1g. The fixed version can be downloaded from [http://openvpn.net/index.php/open-source/downloads.html here]. |
| 26 | |
| 27 | If you want to verify whether the version of OpenSSL in your OpenVPN installation is vulnerable, go to ''C:\Program Files\OpenVPN\bin'' using Windows Explorer, right-click on ''libeay32.dll'' and check what ''Details -> Product Version'' says. |