

PolarSSL Remote Code Execution and a Denial of Service - draugadrotten
https://www.certifiedsecure.com/polarssl-advisory/

======
feld
In the case of OpenVPN -- can anyone confirm if this is mitigated simply by
requiring a ta key? I believe it would, as the server won't move to the next
step and process certificates/keys unless the ta key is accepted.

