The following list contains advisories for security issues in tinc in old versions:
- [CVE-2013-1428](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1428),
- [DSA-2663](http://www.debian.org/security/2013/dsa-2663),
+ [DSA-2663](https://www.debian.org/security/2013/dsa-2663),
[Sitsec advisory](http://sitsec.net/blog/2013/04/22/stack-based-buffer-overflow-in-the-vpn-software-tinc-for-authenticated-peers):
stack based buffer overflow
For those who run tinc on Debian or Debian-based distributions like
Ubuntu and Knoppix, be advised that the following security issue
affects tinc as well:
-[http://www.debian.org/security/2008/dsa-1571](http://www.debian.org/security/2008/dsa-1571)
+[https://www.debian.org/security/2008/dsa-1571](https://www.debian.org/security/2008/dsa-1571)
In short, if you generated public/private keypairs for tinc between
2006 and May 7th, 2008 on a machine running Debian or a derivative,
they may have been generated without a properly seeded random