diff options
author | David Sommerseth | 2016-08-23 15:08:23 +0200 |
---|---|---|
committer | David Sommerseth | 2016-08-23 16:05:00 +0200 |
commit | 8990b218fa9db71714ac42b0095c594e19861320 (patch) | |
tree | cef36e52638ff05e097c852dbe11b2045dfd1ab4 | |
parent | 2bf9954b9acc7b5dfcdc29dfae2527ece64e0fb7 (diff) | |
download | openvpn-2.3.12.zip openvpn-2.3.12.tar.gz |
Preparing release of v2.3.12v2.3.12
Signed-off-by: David Sommerseth <davids@openvpn.net>
-rw-r--r-- | ChangeLog | 46 | ||||
-rw-r--r-- | Changes.rst | 15 | ||||
-rw-r--r-- | version.m4 | 4 |
3 files changed, 63 insertions, 2 deletions
@@ -1,6 +1,52 @@ OpenVPN Change Log Copyright (C) 2002-2015 OpenVPN Technologies, Inc. <sales@openvpn.net> +2016.08.23 -- Version 2.3.12 +Arne Schwabe (2): + Complete push-peer-info documentation and allow IV_PLAT_VER for other platforms than Windows if the client UI supplies it. + Move ASSERT so external-key with OpenSSL works again + +David Sommerseth (3): + Only build and run cmocka unit tests if its submodule is initialized + Another fix related to unit test framework + Remove NOP function and callers + +Dorian Harmans (1): + Add CHACHA20-POLY1305 ciphersuite IANA name translations. + +Ivo Manca (1): + Plug memory leak in mbedTLS backend + +Jeffrey Cutter (1): + Update contrib/pull-resolv-conf/client.up for no DOMAIN + +Jens Neuhalfen (2): + Add unit testing support via cmocka + Add a test for auth-pam searchandreplace + +Josh Cepek (1): + Push an IPv6 CIDR mask used by the server, not the pool's size + +Leon Klingele (1): + Add link to bug tracker + +Samuli Seppänen (2): + Update CONTRIBUTING.rst to allow GitHub PRs for code review purposes + Clarify the fact that build instructions in README are for release tarballs + +Selva Nair (4): + Make error non-fatal while deleting address using netsh + Make block-outside-dns work with persist-tun + Ignore SIGUSR1/SIGHUP during exit notification + Promptly close the netcmd_semaphore handle after use + +Steffan Karger (4): + Fix polarssl / mbedtls builds + Don't limit max incoming message size based on c2->frame + Fix '--cipher none --cipher' crash + Discourage using 64-bit block ciphers + + 2016.05.09 -- Version 2.3.11 James Yonan (1): Fixed port-share bug with DoS potential diff --git a/Changes.rst b/Changes.rst index 1ab3013..b121f01 100644 --- a/Changes.rst +++ b/Changes.rst @@ -100,6 +100,21 @@ Behavioral changes - Do not randomize resolving of IP addresses in getaddr() +Version 2.3.12 +============== + +Security changes +---------------- + +- Deprecation of ciphers using less than 128-bits cipher blocks + + It is highly recommended to avoid using ciphers listed in the new + deprecated section of --show-ciphers. These ciphers are no longer + considered safe to use. If you cannot migrate away from these + ciphers currently, it is strongly recommended to start using + --reneg-bytes with a value less than 64MB. + + Version 2.3.11 ============== @@ -1,9 +1,9 @@ dnl define the OpenVPN version define([PRODUCT_NAME], [OpenVPN]) define([PRODUCT_TARNAME], [openvpn]) -define([PRODUCT_VERSION], [2.3.11]) +define([PRODUCT_VERSION], [2.3.12]) define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) -define([PRODUCT_VERSION_RESOURCE], [2,3,11,0]) +define([PRODUCT_VERSION_RESOURCE], [2,3,12,0]) dnl define the TAP version define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) define([PRODUCT_TAP_WIN_MIN_MAJOR], [9]) |