Since that code (for OpenSSL 1.0.2+) was first added in https://gitlab.com/openconnect/openconnect/-/commit/674881cbb078937d84c9b16219b52d7b56623ba7
On 2 May 2020 11:29:34 BST, Luca Boccassi <bl...@debian.org> wrote: >Package: openconnect >Version: 6.00-2 > >Tracking https://security-tracker.debian.org/tracker/CVE-2020-12105 >Not sure what's the oldest version affected, asked on >https://security-tracker.debian.org/tracker/CVE-2020-12105 > >-- >Kind regards, >Luca Boccassi -- Sent from my Android device with K-9 Mail. Please excuse my brevity.