Critical security flaw: Missing crl-verify openvpn option
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
network-manager-openvpn (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Many VPN providers will give a Certificate Revocation List crl.pem file in their OpenVPN packages. The CRL list is becoming increasingly important after the Heartbleed bug was exposed, leaving many servers vulnerable to attack by unauthorized certificates. Is there any way to manually pass the option 'crl-verify crl.pem' to openvpn by editing a file somewhere?
I'm having a difficult time understanding how the network-
information type: | Private Security → Public Security |
information type: | Public Security → Public |