-his opinion. We do not know of a way to exploit these weaknesses, but we will
-address these issues in tinc 2.0.
+his opinion. We do not know of a way to exploit these weaknesses, but these
+issues are being addressed in the tinc 1.1 branch.
+
+The Sweet32 attack affects versions of tinc prior to 1.0.30.
+
+On September 6th, 2018, Michael Yonly contacted us and provided
+proof-of-concept code that allowed a remote attacker to create an
+authenticated, one-way connection with a node, and also that there was a
+possibility for a man-in-the-middle to force UDP packets from a node to be sent
+in plaintext. The first issue was trivial to exploit on tinc versions prior to
+1.0.30, but the changes in 1.0.30 to mitigate the Sweet32 attack made this
+weakness much harder to exploit. These issues have been fixed in tinc 1.0.35.
+The new protocol in the tinc 1.1 branch is not susceptible to these issues.