OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

Security patches/workarounds needed for OpenVPN 2.3.2

https://forums.openvpn.net/viewtopic.php?t=15306

Page 1 of 1

Security patches/workarounds needed for OpenVPN 2.3.2

Posted: Fri Mar 14, 2014 6:16 am
by innogen
OpenSSL 1.0.1f has been made available since January 6, 2014 (cf. http://www.openssl.org/ )

Tor reported a flaw in OpenVPN's implementation of the SOCKS protocol (cf. "Tor Weekly News, March 12, 2014. https://blog.torproject.org/blog/ )

Would appreciate Samuli and/or his colleagues provide patches/workarounds for the above two issues.

Thanks in advance.

Re: Security patches/workarounds needed for OpenVPN 2.3.2

Posted: Tue Apr 08, 2014 7:57 pm
by cron2
innogen wrote:Tor reported a flaw in OpenVPN's implementation of the SOCKS protocol (cf. "Tor Weekly News, March 12, 2014. https://blog.torproject.org/blog/ )
Well. Call me a lame bastard, but I am *not* going to hunt all over the Internet to see whether someone posts an OpenVPN bug in a blog somewhere.

We have a bug tracker (trac), we have a working openvpn-devel mailing list, and we have an IRC channel.

So if our socks code is indeed broken (which might very well be), we'd appreciate a bug in trac, or a mail to openvpn-devel. Not a blog post somewhere.

gert
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/