OpenSSL Security Advisory (CVE-2015-1793)
Many of our users have been asking us about the recent OpenSSL security advisory that was patched on July 9, 2015, and whether or not PIA's client software is vulnerable. We would like to take this opportunity to let users know that our client software is not affected by this vulnerability. The OpenSSL version we bundle with our clients (1.0.1i) is not affected by this advisory.
However, if you are using a third-party VPN client, including a basic OpenVPN installation, please be sure to upgrade to the latest version that includes the security fixes for OpenSSL.
Thank you.