diff options
author | Gert Doering | 2022-03-15 20:03:43 +0100 |
---|---|---|
committer | Gert Doering | 2022-03-16 11:08:57 +0100 |
commit | 058407a89cb812115b383570b12f4c2fde500d39 (patch) | |
tree | a92c111aef68adbffd81c24c2096c96ba962ba00 | |
parent | 58ec3bb4aac77131118dbbc39a65181e7847adee (diff) | |
download | openvpn-058407a89cb812115b383570b12f4c2fde500d39.zip openvpn-058407a89cb812115b383570b12f4c2fde500d39.tar.gz |
Preparing release v2.4.12 (ChangeLog, version.m4, Changes.rst)v2.4.12
Signed-off-by: Gert Doering <gert@greenie.muc.de>
-rw-r--r-- | ChangeLog | 23 | ||||
-rw-r--r-- | Changes.rst | 47 | ||||
-rw-r--r-- | version.m4 | 4 |
3 files changed, 71 insertions, 3 deletions
@@ -1,6 +1,29 @@ OpenVPN Change Log Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> +2022.03.16 -- Version 2.4.12 + +Arne Schwabe (1): + Remove always enabled USE_64_BIT_COUNTERS define + +David Korczynski (1): + Fix argv leaks in add_route() and add_route_ipv6() + +David Sommerseth (1): + plug-ins: Disallow multiple deferred authentication plug-ins + +Gert Doering (2): + Revert "Remove always enabled USE_64_BIT_COUNTERS define" + Fix --mtu-disc maybe|yes on Linux. + +Richard T Bonhomme (1): + doc openvpn.8: Use free open-source dynamic-DNS provider URL + +Selva Nair (2): + Apply the connect-retry backoff to only one side of a connection + Ensure the current common_name is in the environment for scripts + + 2021.04.20 -- Version 2.4.11 Arne Schwabe (1): diff --git a/Changes.rst b/Changes.rst index 2d472f7..01d00ad 100644 --- a/Changes.rst +++ b/Changes.rst @@ -321,8 +321,53 @@ Maintainer-visible changes i386/i686 builds on RHEL5. +Version 2.4.12 +============== +This is primarily a maintenance release with minor bugfixes and improvements. + +As of this release, OpenVPN 2.4 will from now only receive security and +critical bug fixes for the next 12 months. This is also the last +OpenVPN 2.4 Windows release provided by the project. Please consider +to upgrade to the latest OpenVPN 2.5 release. For more details, see +https://community.openvpn.net/openvpn/wiki/SupportedVersions + +Bug fixes +--------- +- CVE-2022-0547 + see https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements + + If openvpn is configured with multiple authentication plugins and + more than one plugin tries to do deferred authentication, the result + is not well-defined - creating a possible authentication bypass. + + In this situation the server process will now abort itself with a clear + log message. Only one plugin is allowed to do deferred authentication. + +- Fix "--mtu-disc maybe|yes" on Linux + + Due to configure/syshead.h/#ifdef confusion, the code in question was + not compiled-in since a long time. Fixed. Trac: #1452 + +- Fix $common_name variable passed to scripts when username-as-common-name + is in effect. + + This was not consistently set - sometimes, OpenVPN exported the username, + sometimes the common name from the client cert. Fixed. Trac: #1434 + +- Fix potential memory leaks in add_route() and add_route_ipv6(). + +- Apply connect-retry backoff only to one side of the connection in + p2p mode. Without that fix/enhancement, two sides could end up + only sending packets when the other end is not ready. Trac: #1010, #1384 + + +Enhancements +------------ +- documentation improvements related to DynDNS. Trac: #1417 + + Version 2.4.11 -============= +============== This is primarily a maintenance release with minor bugfixes and improvements. Bug fixes @@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN]) define([PRODUCT_TARNAME], [openvpn]) define([PRODUCT_VERSION_MAJOR], [2]) define([PRODUCT_VERSION_MINOR], [4]) -define([PRODUCT_VERSION_PATCH], [.11]) +define([PRODUCT_VERSION_PATCH], [.12]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]]) define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) -define([PRODUCT_VERSION_RESOURCE], [2,4,11,0]) +define([PRODUCT_VERSION_RESOURCE], [2,4,12,0]) dnl define the TAP version define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) define([PRODUCT_TAP_WIN_MIN_MAJOR], [9]) |