[GH-ISSUE #1621] Unsupported or vulnerable versions of OpenSSL used for macOS and Windows #1199

New issue

Open

opened 2026-05-05 07:35:42 -06:00 by gitea-mirror · 0 comments

gitea-mirror commented 2026-05-05 07:35:42 -06:00

Owner

Copy link

Originally created by @tmshort on GitHub (Mar 25, 2022).
Original GitHub issue: https://github.com/debauchee/barrier/issues/1621

What happened?

According to the logs, barrier is using unsupported (in the case of 1.0.2l) or vulnerable (in the case of 1.1.1g) versions of OpenSSL. The most recent versions of OpenSSL should be used.

Note that Windows doesn't include OpenSSL, and macOS includes LibreSSL, which does not appear to be the version referenced in the logs below.

Version

v2.4.0

Git commit hash (if applicable)

No response

If applicable, where did you install Barrier from?

Downloaded from github.

What OSes are you seeing the problem on? (Check all that apply)

Windows, macOS

What OS versions are you using?

Windows 10
macOS 11.x, 12.x

Relevant log output

On the Windows client, I see the following SSL info in the log:

[2022-03-23T14:07:31] INFO: log level: INFO
[2022-03-23T14:07:31] INFO: service command updated
[2022-03-23T14:07:32] INFO: starting new process as privileged user
[2022-03-23T14:07:32] INFO: drag and drop enabled
[2022-03-23T14:07:32] NOTE: started client
[2022-03-23T14:07:32] NOTE: connecting to '192.168.0.88': 192.168.0.88:24800
[2022-03-23T14:07:32] INFO: OpenSSL 1.0.2l 25 May 2017
server status: active

For the MAC client, we see this SSL info in the log:

[2022-03-24T16:04:37] INFO: log level: INFO
[2022-03-24T16:04:37] INFO: drag and drop enabled
[2022-03-24T16:04:37] NOTE: started client
[2022-03-24T16:04:37] NOTE: connecting to '192.168.0.99': 192.168.0.99:24800
[2022-03-24T16:04:37] INFO: OpenSSL 1.1.1g 21 Apr 2020

Any other information

OpenSSL 1.0.2 is out of support.
OpenSSL 1.1.1n is the latest version of OpenSSLLTS 1.1.1, and it fixed numerous vulnerabilities

Originally created by @tmshort on GitHub (Mar 25, 2022). Original GitHub issue: https://github.com/debauchee/barrier/issues/1621 ### What happened? According to the logs, barrier is using unsupported (in the case of 1.0.2l) or vulnerable (in the case of 1.1.1g) versions of OpenSSL. The most recent versions of OpenSSL should be used. Note that Windows doesn't include OpenSSL, and macOS includes LibreSSL, which does not appear to be the version referenced in the logs below. ### Version v2.4.0 ### Git commit hash (if applicable) _No response_ ### If applicable, where did you install Barrier from? Downloaded from github. ### What OSes are you seeing the problem on? (Check all that apply) Windows, macOS ### What OS versions are you using? Windows 10 macOS 11.x, 12.x ### Relevant log output ```shell On the Windows client, I see the following SSL info in the log: [2022-03-23T14:07:31] INFO: log level: INFO [2022-03-23T14:07:31] INFO: service command updated [2022-03-23T14:07:32] INFO: starting new process as privileged user [2022-03-23T14:07:32] INFO: drag and drop enabled [2022-03-23T14:07:32] NOTE: started client [2022-03-23T14:07:32] NOTE: connecting to '192.168.0.88': 192.168.0.88:24800 [2022-03-23T14:07:32] INFO: OpenSSL 1.0.2l 25 May 2017 server status: active For the MAC client, we see this SSL info in the log: [2022-03-24T16:04:37] INFO: log level: INFO [2022-03-24T16:04:37] INFO: drag and drop enabled [2022-03-24T16:04:37] NOTE: started client [2022-03-24T16:04:37] NOTE: connecting to '192.168.0.99': 192.168.0.99:24800 [2022-03-24T16:04:37] INFO: OpenSSL 1.1.1g 21 Apr 2020 ``` ### Any other information OpenSSL 1.0.2 is out of support. OpenSSL 1.1.1n is the latest version of OpenSSLLTS 1.1.1, and it fixed numerous vulnerabilities

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

enhancement/builds/windows-multi-versions-build

martin-furter-barrier-term

enhancement/builds/macos-universal

enhancement/builds/macos-universal-qt6-test

2.3.x

fix/lang-translation/ssl-slash-tls

feature/build/compile/32-bit

feature/build/compile/armv7

testing-framework

README-update

remotes/fork/README-update

remotes/fork/smartzeroconf

smartzeroconf

pages-devel

remotes/fork/pages-devel

pkgconfig

remotes/fork/pkgconfig

release

remotes/fork/release

v2.4.0

v2.3.4

v2.3.3

1.11.0-stable

v1.11.0-rc2

v2.3.2

v1.10.3-stable

v2.3.2-alpha

v2.3.1

v2.3.0

v1.10.2-stable

v1.10.2-rc1

v1.10.2-rc2

v2.1.2

v2.0.8-beta

v2.0.7-beta

v2.0.4-beta

v2.0.3-beta

v2.1.1

v2.1.0

v1.9.1-stable

v2.0.0

v1.9.0-stable

v2.0.0-RC2

v2.0.0-RC1

v2.0.0-stable

v1.8.8-stable

v1.8.7-stable

v1.8.6-stable

v1.8.5-stable

v1.8.4-stable

v1.8.3-stable

v1.8.1-stable

v1.8.0-beta

v1.7.3-stable

v1.7.2-stable

v1.7.1-stable

1.7.0

1.6.3-final

1.6.2

1.6.1

1.6.0

Labels

Clear labels   

HiDPI

  

bounty

  

bsd/freebsd

  

bsd/openbsd

  

bug

  

bug

  

build-infra

  

cantfix

  

critical

  

doc

  

duplicate

  

enhancement

  

fix-available

  

from git

  

from release

  

good first issue

  

help wanted

  

installer/package

  

invalid

  

linux

  

macOS

  

meta

  

needs testing

  

pull-request

Mirrored from GitHub Pull Request

  

query

  

question

  

regression

  

regression

  

v2.4.0

  

windows

  

wontfix

  

work-in-progress

No labels

HiDPI

bounty

bsd/freebsd

bsd/openbsd

bug

bug

build-infra

cantfix

critical

doc

duplicate

enhancement

fix-available

from git

from release

good first issue

help wanted

installer/package

invalid

linux

macOS

meta

needs testing

pull-request

query

question

regression

regression

v2.4.0

windows

wontfix

work-in-progress

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/barrier#1199

No description provided.