Hi, On Tue, Feb 21, 2012 at 05:15:22PM +0200, Alon Bar-Lev wrote: > OpenVPN supports minimum openssl version of 0.9.6, while this version > is unsupported by upstream and probably a security risk. > > What would be a suitable minimum version to support? > > I think that 0.9.8 is the one.
FreeBSD 7.3 has 0.9.8e, and that's the oldest version supported by
the FreeBSD security team. So if anyone wants to run OpenVPN on an
older version of FreeBSD, they need to use the ports version of
openssl - but that's their decision to not upgrade.
I'm not exactly sure at which point NetBSD and OpenBSD moved to 0.9.8,
but I'm fairly sure that dropping support for anything older than
that is OK for these platforms as well (and if needed, the pkgsrc
version of openssl can be used).
So "+1" on that one.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpaExJchDDlV.pgp
Description: PGP signature
