이 블로그 게시물은 9년이 지났으며 최신 정보가 아닐 수 있습니다.
Third-party clients affected by OpenSSL security advisory
A security vulnerability in the cryptographic library OpenSSL was just disclosed. OpenVPN clients that use vulnerable versions can be tricked into accepting a man-in-the-middle attacker as a valid VPN server.
The Mullvad client in Windows and OSX is not affected. Stable releases of most Linux distributions like Ubuntu, Fedora and Debian are not affected. Users of unstable or rolling-release distributions should upgrade.
The latest version (2.3.7) of the official OpenVPN client is vulnerable, as is Tunnelblick for OSX. No fix has been published yet. The OpenVPN clients for Android and iOS are not affected.