Upgrade because of heartbleed
newbieuser1234 last edited by
I know an upgrade is recommended, but I have one machine running 2.0.2 or 2.0.1, I don't recall. It has openvpn installed and requires and cert and username and password to authenticate. Is that vulnerable to heartbleed? The device is in a location that is difficult to access in the event of needing a manual reboot. openvpn is also on a non-standard port. i am worried about an external vulnerability to heartbleed, not internal. any help is appreciated. thanks.
The vulerability was only introduced with 2.1 so you should not be vulnerable to heartbleed.
Additionally OpenVPN is not vulnerable in its default configuarion:
However that doesn't mean that your outdated install isn't vulnerable to all the other fixes that have gone in since 2.0.2. ;)