SparkLabs Forum.

Community Help.


No OpenSSL update?

Hello

Why is OpenSSL not yet updated to the newest version?

PS: Thank you for your great Client!
Hi Alpengreis,

Normally we would have a beta update for Viscosity out straight away with OpenSSL and OpenVPN updates, but we're currently working on a new feature that is taking a little longer than expected, and this OpenSSL update does not have any direct security implications for OpenVPN (with the exception of the increased minimum DH key length).

A beta for Viscosity for Mac is already available with the latest OpenSSL update.

We are expecting to have a new beta available in the next 12-24 hours for Windows including the latest OpenSSL update. If you'd like to be ready to grab it, go to Preferences -> General, and tick Include Beta updates.

Regards,
Eric
Hello Eric

Okay, good to know and sound VERY good :-)

Thank you very much for fast response!

Kind regards
Alpengreis
I just want to elaborate slightly on my previous post for clarity.

The OpenSSL vulnerabilities that the 1.0.2e and 1.0.2f updates address do not affect OpenVPN clients. Version 1.0.2d should not be considered insecure for OpenVPN clients such as Viscosity.

Nevertheless, the latest beta versions of Viscosity always contain the latest version of OpenSSL. The current Beta of Viscosity for Windows contains version 1.0.2e of OpenSSL, and the next Beta release will contain version 1.0.2f.
Instructions for updating can be found at:
http://www.sparklabs.com/forum/viewtopi ... &t=34#p134

Regards,
Eric
4 posts Page 1 of 1

Copyright © 2016 SparkLabs Pty Ltd. All Rights Reserved. Privacy Policy