Hi Tom
>
> From: Tom Kunz
> Sent: Wed May 13 23:43:55 CEST 2015
> To: Lisa Minogue
> Subject: Re: OpenVPN and XOR patches
>
> Hi Lisa,
> One thing to keep in mind with the Tor/obfsproxy and stunnel, is that once
> you get
>
> From: Samuli Seppänen
> Sent: Wed May 13 15:07:03 CEST 2015
> To: Lisa Minogue , ,
> Jonathan K. Bullard
> Subject: Re: [Openvpn-devel] Request peer review of modified OpenVPN client
> software
>
> The obfuscation guide
Hi David
> From: David Sommerseth
> Sent: Tue May 12 23:07:52 CEST 2015
> To: Lisa Minogue , Jonathan K. Bullard
> Subject: Re: [Openvpn-devel] Request peer review of modified OpenVPN client
> software
>
> So if there are issues in stunnel, try asking that community i
> "Jonathan K. Bullard" wrote:
>
> The openvpn_xorpatch which as introduced and discussed in this thread does
> have some vulnerabilities.
>
> Most of the vulnerabilities are null pointer dereferences or other errors
> when parsing the "scramble" option or are triggered by unlikely values for
>
> Arne Schwabe wrote:
>
> It has probably some obfuscation/encryption patches applied. There is no
> official obfuscation capability in OpenVPN yet since the core OpenVPN
> developers believe that such a mechansim should be either implemented in a
> plugin or other way (e.g., a proxy) that is f
Hi guys,
I obtained a modified OpenVPN client software from a friend and wonder if any
of you would like to help review it for security vulnerabilities, design flaws,
incorrect implemention of code, etc...
To the best of my knowledge, modifications include the ability to provide
obfuscation an
Hi Samuli
I'm no expert of OpenVPN or OpenSSL and it be nice of you if you could tell me
whether the latest OpenVPN's installers for Microsoft Windows OS have been
built with "no-ssl3" flag in OpenSSL 1.0.1j.
Regards.
Lisa
-
Mail.be, WebMail
OpenSSL.
Lisa
>
> From: Arne Schwabe
> Sent: Fri Oct 17 15:37:37 CEST 2014
> To: Lisa Minogue ,
> Subject: Re: [Openvpn-devel] New OpenVPN bundles for Windows platform that
> incorporate OpenSSL 1.0.1j
>
>
> Am 17.10.14 13:16, schrieb Lisa Min
-
> From: Илья Шипицин
> Sent: Fri Oct 17 21:59:04 CEST 2014
> To: Lisa Minogue
> Subject: Re: [Openvpn-devel] New OpenVPN bundles for Windows platform that
> incorporate OpenSSL 1.0.1j
>
>
> can you please describe carefully, how those vulnerabilities do affect
> O
This issue was reported to OpenSSL by Akamai Technologies on 14th October 2014.
The fix was developed by Akamai and the OpenSSL team.
>
> From: Илья Шипицин
> Sent: Fri Oct 17 21:59:04 CEST 2014
> To: Lisa Minogue
> Subject: Re: [Openvpn-d
Have you looked carefully into what security vulnerabilities OpenSSL 1.0.1j
fixes, other than Poodle?
Lisa
>
> From: Arne Schwabe
> Sent: Fri Oct 17 15:37:37 CEST 2014
> To: Lisa Minogue ,
> Subject: Re: [Openvpn-devel] New OpenVPN bund
Hi Samuli
I just wish to thank you in advance for preparing and compiling new OpenVPN
bundles for Microsoft Windows OS that incorporate OpenSSL 1.0.1j.
Best regards.
Lisa
-
Mail.be, WebMail and Virtual Office
http://www.mail.be
en
> Sent: Mon Jul 21 14:44:11 CEST 2014
> To: Gert Doering , Lisa Minogue
> Subject: Re: [Openvpn-devel] OpenSSL in OpenVPN software to be replaced?
>
>
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
>
> > Hi,
> >
> > On Mon, Jul 21
Hi guys,
It's been universally acknowledged that you all have been doing a wonderful job
by providing free, open-source OpenVPN software and free support for it over
the past few years.
However a few days ago OpenSSL, in a project roadmap last modified on July 16,
stated [sic]"there are a very
Hi,
I happened to read some information about OpenVPN-NL.
According to https://openvpn.fox-it.com/background.html a Dutch government
agency is of the opinion that among many other reasons, OpenVPN allows insecure
configurations.
Would OpenVPN developers like to investigate the Dutch government
According to Debian Security Advisory DSA-2931-1
(http://www.debian.org/security/2014/dsa-2931) a bug in OpenSSL could result in
a denial of service.
Is OpenVPN 2.3.4 software (community edition, Microsoft Windows, Mac OS, *nix
versions) affected by it?
-
--
> From: Gert Doering
> Sent: Sun Apr 13 12:40:46 CEST 2014
> To: Lisa Minogue
> Subject: Re: [Openvpn-devel] Openvpn 2.3.3 (community edition) and "Socks V5
> method selection"
>
>
> Hi,
>
> On Sun, Apr 13, 2014 at 05:42:17AM +0200, Lisa Minogue wro
Hello
I would like to know if the latest version of Openvpn 2.3.3 (community edition)
has incorporated the fix for "Socks V5 method selection" flaw? If not, when
does Openvpn plan to incorporate it?
For more information please click the following links:
https://lists.torproject.org/pipermail/t
I would prefer that Samuli patches pkcs11 for Debian/Ubuntu. I am sure patches
for pkcs11 exist for other Linux distros. So why should Debian/Ubuntu be left
out? In addition Ubuntu is the most popular among Linux distros.
How long does it take for Samuli to issue the pkcs11 patch for Debian/Ubun
19 matches
Mail list logo
