[prev in list] [next in list] [prev in thread] [next in thread]
List: openvpn-users
Subject: Re: [Openvpn-users] CVE-2021-3712 and OpenVPN
From: Gert Doering <gert () greenie ! muc ! de>
Date: 2021-08-25 12:15:47
Message-ID: YSY0cwaFPU8npOw/ () greenie ! muc ! de
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Hi,
On Tue, Aug 24, 2021 at 04:15:51PM -0400, mike tancsa wrote:
> Has anyone had a chance to look at the latest OpenSSL sec issue and
> if and how it might impact OpenVPN ?
>
> https://www.openssl.org/news/secadv/20210824.txt
>
> I always get a little worried with it involves x509 processing
We think that OpenVPN is not affected.
- SM2 is a cipher we do not use (it might work, but it's not used
by default ever)
- we never construct ASN1 strings and pass them to OpenSSL
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany gert@greenie.muc.de
["signature.asc" (application/pgp-signature)]
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic