[Openswan dev] Openswan and Debian OpenSSL vulnerability

Paul Wouters paul at xelerance.com
Sun May 18 19:15:11 EDT 2008

On Sun, 18 May 2008, D. Hugh Redelmeier wrote:

> According to this page, http://wiki.debian.org/SSLkeys, both Openswan and
> StrongSWAN are vulnerable to the Debian OpenSSL vulnerability.

Only X.509 keys generated using openssl on Debian. Raw RSA host keys
generated on debian systems by Openswan are fine. Openswan does not
use openssl code anywhere (except openswan 3.x uses some, but not for
generating long term keys).

Building and integrating Virtual Private Networks with Openswan:

More information about the Dev mailing list