IXON VPN Client 1.4.2

VPN Client release

  • Week 45
  • VPN Client 1.4.2

Frequency
The VPN Client occasionally receives updates. These release notes can also be found at Fleet Manager > Tools > VPN Client > Details.

Maintenance

  • Updated bundled OpenSSL to version 1.1.1q
  • Updated bundled OpenVPN to version 2.5.8

Security

  • Updated bundled stunnel to version 5.67

Notes

Regarding OpenSSL vulnerabilities CVE-2022-3786 and CVE-2022-3602:

  • the VPN Client and OpenVPN are built with OpenSSL 1.1.1 and are not vulnerable.
  • stunnel:
    • Windows and macOS: 5.67 is built with OpenSSL 3.0.7, which addresses the CVEs.
    • Linux: the package manager’s stunnel is used, which usually dynamically links to the system OpenSSL version. Consult your distribution if you need to update your stunnel and/or OpenSSL packages.

For more information refer to the advisory INF-2022-11-03 - OpenSSL vulnerabilities & VPN Client