Browse code
preparing release v2.4.6 (ChangeLog, version.m4, Changes.rst)
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering authored on 2018/04/20 00:37:18Showing 3 changed files
| ... | ... |
@@ -1,6 +1,32 @@ |
| 1 | 1 |
OpenVPN Change Log |
| 2 | 2 |
Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net> |
| 3 | 3 |
|
| 4 |
+2018.04.19 -- Version 2.4.6 |
|
| 5 |
+David Sommerseth (1): |
|
| 6 |
+ management: Warn if TCP port is used without password |
|
| 7 |
+ |
|
| 8 |
+Gert Doering (2): |
|
| 9 |
+ Correct version in ChangeLog - should be 2.4.5, was mistyped as 2.4.4 |
|
| 10 |
+ Fix potential double-free() in Interactive Service (CVE-2018-9336) |
|
| 11 |
+ |
|
| 12 |
+Gert van Dijk (1): |
|
| 13 |
+ manpage: improve description of --status and --status-version |
|
| 14 |
+ |
|
| 15 |
+Joost Rijneveld (1): |
|
| 16 |
+ Make return code external tls key match docs |
|
| 17 |
+ |
|
| 18 |
+Selva Nair (3): |
|
| 19 |
+ Delete the IPv6 route to the "connected" network on tun close |
|
| 20 |
+ Management: warn about password only when the option is in use |
|
| 21 |
+ Avoid overflow in wakeup time computation |
|
| 22 |
+ |
|
| 23 |
+Simon Matter (1): |
|
| 24 |
+ Add missing #ifdef SSL_OP_NO_TLSv1_1/2 |
|
| 25 |
+ |
|
| 26 |
+Steffan Karger (1): |
|
| 27 |
+ Check for more data in control channel |
|
| 28 |
+ |
|
| 29 |
+ |
|
| 4 | 30 |
2018.02.28 -- Version 2.4.5 |
| 5 | 31 |
Antonio Quartulli (4): |
| 6 | 32 |
reload HTTP proxy credentials when moving to the next connection profile |
| ... | ... |
@@ -320,6 +320,32 @@ Maintainer-visible changes |
| 320 | 320 |
use -std=gnu99 in CFLAGS. This is known to be needed when doing |
| 321 | 321 |
i386/i686 builds on RHEL5. |
| 322 | 322 |
|
| 323 |
+Version 2.4.6 |
|
| 324 |
+============= |
|
| 325 |
+This is primarily a maintenance release with minor bugfixes and improvements, |
|
| 326 |
+and one security relevant fix for the Windows Interactive Service. |
|
| 327 |
+ |
|
| 328 |
+User visible changes |
|
| 329 |
+-------------------- |
|
| 330 |
+- warn if the management interface is configured with a TCP port and |
|
| 331 |
+ no password is set (because it might be possible to interfere with |
|
| 332 |
+ OpenVPN operation by tricking other programs into connecting to the |
|
| 333 |
+ management interface and inject unwanted commands) |
|
| 334 |
+ |
|
| 335 |
+Bug fixes |
|
| 336 |
+--------- |
|
| 337 |
+- CVE-2018-9336: fix potential double-free() in the Interactive Service |
|
| 338 |
+ (Windows) on malformed input. |
|
| 339 |
+ |
|
| 340 |
+- avoid possible integer overflow in wakeup computation (trac #922) |
|
| 341 |
+ |
|
| 342 |
+- improve handling of incoming packet bursts for control channel data |
|
| 343 |
+ |
|
| 344 |
+- fix compilation with older OpenSSL versions that were broken in 2.4.5 |
|
| 345 |
+ |
|
| 346 |
+- Windows + interactive Service: delete the IPv6 route to the "connected" |
|
| 347 |
+ network on tun close |
|
| 348 |
+ |
|
| 323 | 349 |
|
| 324 | 350 |
Version 2.4.5 |
| 325 | 351 |
============= |
| ... | ... |
@@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN]) |
| 3 | 3 |
define([PRODUCT_TARNAME], [openvpn]) |
| 4 | 4 |
define([PRODUCT_VERSION_MAJOR], [2]) |
| 5 | 5 |
define([PRODUCT_VERSION_MINOR], [4]) |
| 6 |
-define([PRODUCT_VERSION_PATCH], [.5]) |
|
| 6 |
+define([PRODUCT_VERSION_PATCH], [.6]) |
|
| 7 | 7 |
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR]) |
| 8 | 8 |
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]]) |
| 9 | 9 |
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]]) |
| 10 | 10 |
define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) |
| 11 |
-define([PRODUCT_VERSION_RESOURCE], [2,4,5,0]) |
|
| 11 |
+define([PRODUCT_VERSION_RESOURCE], [2,4,6,0]) |
|
| 12 | 12 |
dnl define the TAP version |
| 13 | 13 |
define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) |
| 14 | 14 |
define([PRODUCT_TAP_WIN_MIN_MAJOR], [9]) |