Closed Neustradamus closed 3 years ago
There no security fixes etc, so this is not urgent.
This should be resolved with commit 2952f5611a55356fdf4c456a0d3133d5d4b70f07.
Perfect, it is important to have the latest libraries (it is for all OpenVPN sourcecodes) :)
Perfect, it is important to have the latest libraries (it is for all OpenVPN sourcecodes) :)
Ehm. No, not really. It's important to have the latest versions with important and critical security fixes. This update was more or less a coincidence triggered by some other work we had going.
The changes from 1.1.1g to 1.1.1h are just non-critical bug fixes and other smaller code enhancements. For a security product "the latest and greatest" doesn't necessarily mean "the most secure".
In addition, this change we pulled in here is only relevant if you don't compile against OpenSSL libraries already installed on the system. It only affects those compiling against OpenVPN 3 specific builds of OpenSSL using the dependency build scripts provided in this project.
For all OpenVPN 3 users using system provided OpenSSL (like openvpn3-linux) or solutions using a different OpenSSL dependency integration (like OpenVPN for Android) users, this update will not result in any effective change at all.
OpenSSL 1.1.1h is out yesterday