Gert Doering <g...@greenie.muc.de> on Tue, 2020/04/21 20:59: > Hi, > > On Tue, Apr 21, 2020 at 08:37:35PM +0200, Gert Doering wrote: > > On Tue, Apr 21, 2020 at 02:15:43PM -0400, mike tancsa wrote: > > > Will the sec issue with OpenSSL force a new release of OpenVPN ? > > > > > > https://www.openssl.org/news/secadv/20200421.txt > > So, speaking to myself again :-) - I've looked at the advisory, and > it talks about "Server or client applications that call the > SSL_check_chain() function". > > Which we don't, I just grepped through our source tree. > > So, unless I misunderstand something about OpenSSL intricacies, I think > we're safe - no new installers needed, and OpenVPN is not in risk.
Are you sure that openvpn code does not call any openssl function that calls SSL_check_chain() then? Did not check, but I guess that's possible. -- main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];) putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}
pgpnhhPdodxsP.pgp
Description: OpenPGP digital signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel