Version 1.4.8 of Viscosity for both Mac and Windows is now available! This version addresses the recent OpenSSL "Heartbleed" security vulnerability, and all users are strongly advised to update to this release as soon as possible.
The OpenSSL "Heartbleed" bug is a very serious vulnerability in versions 1.0.1 to 1.0.1f of OpenSSL. OpenSSL is OpenVPN's default library for providing encryption services and hence OpenVPN users are exposed to this flaw. While it is more difficult for an attacker to target an OpenVPN client than a server, it could still potentially allow an attacker to obtain session keys and decrypted data and so it should be treated seriously. Version 1.0.1g of OpenSSL fixes this flaw and this is the version included with Viscosity 1.4.8.
For more information regarding the OpenSSL "Heartbleed" bug please visit The Heartbleed Bug website. For further information on how this bug can affect OpenVPN users please visit the OpenVPN Community Wiki Page.
Version 1.4.8 Mac Release Notes:
added
Adds option for automatic HTTP Proxy authentication
updated
OpenSSL updated to version 1.0.1g (resolves "Heartbleed" bug)
fixed
Resolves issue where HTTP Proxy credentials may fail to save to Keychain
fixed
Various bug fixes and enhancements
Version 1.4.8 Windows Release Notes:
added
Adds option for automatic HTTP Proxy authentication
improved
Localization updates
updated
OpenSSL updated to version 1.0.1g (resolves "Heartbleed" bug)
fixed
Resolves driver signing issue (build 1236)
fixed
Various bug fixes and enhancements
The 1.4.8 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.