A new security audit has found critical vulnerabilities in VeraCrypt, an open-source, full-disk encryption program that’s the direct successor to the widely popular, but now defunct, TrueCrypt. The audit found 8 critical vulnerabilities, 3 med-risk vulnerabilities and 15 low-impact flaws, some of them were unpatched issues previously discovered by an older TrueCrypt audit. Another change made following the audit was the removal of the Russian GOST 28147-89 encryption standard, whose implementation the auditors deemed unsafe.
http://www.pcworld.com/article/3132368/security/critical-flaws-found-in-open-source-encryption-software-veracrypt.html