Browse code
Updated ChangeLog and version number.
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@3147 e7ae566f-a301-0410-adde-c780ea21d3b5
james authored on 2008/08/01 02:44:52Showing 2 changed files
| ... | ... |
@@ -3,6 +3,27 @@ Copyright (C) 2002-2008 Telethra, Inc. <sales@openvpn.net> |
| 3 | 3 |
|
| 4 | 4 |
$Id$ |
| 5 | 5 |
|
| 6 |
+2008.07.31 -- Version 2.1_rc9 |
|
| 7 |
+ |
|
| 8 |
+* Security Vulnerability -- affects non-Windows OpenVPN clients running |
|
| 9 |
+ OpenVPN 2.1-beta14 through 2.1-rc8 (OpenVPN 2.0.x clients are NOT |
|
| 10 |
+ vulnerable nor are any versions of the OpenVPN server vulnerable). |
|
| 11 |
+ An OpenVPN client connecting to a malicious or compromised |
|
| 12 |
+ server could potentially receive an "lladdr" or "iproute" configuration |
|
| 13 |
+ directive from the server which could cause arbitrary code execution on |
|
| 14 |
+ the client. A successful attack requires that (a) the client has agreed |
|
| 15 |
+ to allow the server to push configuration directives to it by including |
|
| 16 |
+ "pull" or the macro "client" in its configuration file, (b) the client |
|
| 17 |
+ succesfully authenticates the server, (c) the server is malicious or has |
|
| 18 |
+ been compromised and is under the control of the attacker, and (d) the |
|
| 19 |
+ client is running a non-Windows OS. Credit: David Wagner. |
|
| 20 |
+ |
|
| 21 |
+* Miscellaneous defensive programming changes to multiple |
|
| 22 |
+ areas of the code. In particular, use of the system() call |
|
| 23 |
+ for calling executables such as ifconfig, route, and |
|
| 24 |
+ user-defined scripts has been completely revamped in favor |
|
| 25 |
+ of execve() on unix and CreateProcess() on Windows. |
|
| 26 |
+ |
|
| 6 | 27 |
2008.06.11 -- Version 2.1_rc8 |
| 7 | 28 |
|
| 8 | 29 |
* Added client authentication and packet filtering capability |