Only routers that were using the Tor or OpenVPN functionality in Gargoyle were vulnerable to the heartbleed bug. Anyone who is using either of these applications is strongly advised to upgrade.
Also, functionality to clear out old OpenVPN keys and certificates has been introduced (disable OpenVPN, then click "Clear All Existing OpenVPN keys"). It is strongly recommended that anyone running an OpenVPN server on a router that was potentially vulnerable to heartbleed, take advantage of this functionality and regenerate all of their keys and certificates. The primary reason for the slight delay in this release from when heartbleed was first disclosed was to implement this functionality. Since OpenVPN is one of only two vulnerable applications, it made sense to make sure the ability to clear old, vulnerable keys was implemented along with the fix for the bug itself.
New in 1.6.1:
- Fixes "heartbleed" bug in OpenSSL, OpenSSL upgraded to 1.0.1g which is not vulnerable
- Ability to clear old keys and certificates when OpenVPN is disabled implemented
- New option to explicitly block nonOpenVPN traffic in OpenVPN Client, preventing problems if OpenVPN connection dies
- Notice of OpenVPN status added to login page when OpenVPN client is active
- Fixes implementation of DMZ, should now work with port forwarding again
- Improved identification of default ping target for QoS ACC
- Tor version upgraded to latest stable 0.2.4.21
- Add German Translation (Thanks to Thomas Knepper)