@@ -1,6 +1,41 @@

 OpenVPN ChangeLog

 Copyright (C) 2002-2024 OpenVPN Inc <sales@openvpn.net>

+2024.06.20 -- Version 2.6.11

+

+5andr0 (1):

+      Implement server_poll_timeout for socks

+

+Arne Schwabe (6):

+      Use snprintf instead of sprintf for get_ssl_library_version

+      Add bracket in fingerprint message and do not warn about missing verification

+      Replace macos11 with macos14 in github runners

+      Only run coverity scan in OpenVPN/OpenVPN repository

+      Workaround issue in LibreSSL crashing when enumerating digests/ciphers

+      Properly handle null bytes and invalid characters in control messages

+

+Franco Fichtner (1):

+      Allow to set ifmode for existing DCO interfaces in FreeBSD

+

+Frank Lichtenheld (6):

+      samples: Update sample configurations

+      documentation: make section levels consistent

+      phase2_tcp_server: fix Coverity issue 'Dereference after null check'

+      script-options.rst: Update ifconfig_* variables

+      LZO: do not use lzoutils.h macros

+      Remove "experimental" denotation for --fast-io

+

+Heiko Wundram (1):

+      Implement Windows CA template match for Crypto-API selector

+

+Lev Stipakov (2):

+      misc.c: remove unused code

+      interactive.c: Improve access control for gui<->service pipe

+

+Reynir Björnsson (1):

+      Only schedule_exit() once

+

+

 2024.03.20 -- Version 2.6.10

 Christoph Schug (1):

@@ -1,3 +1,72 @@

+Overview of changes in 2.6.11

+=============================

+Security fixes

+--------------

+- CVE-2024-4877: Windows: harden interactive service pipe.

+  Security scope: a malicious process with "some" elevated privileges

+  (SeImpersonatePrivilege) could open the pipe a second time, tricking

+  openvn GUI into providing user credentials (tokens), getting full

+  access to the account openvpn-gui.exe runs as.

+  (Zeze with TeamT5)

+

+- CVE-2024-5594: control channel: refuse control channel messages with

+  nonprintable characters in them.  Security scope: a malicious openvpn

+  peer can send garbage to openvpn log, or cause high CPU load.

+  (Reynir Björnsson)

+

+- CVE-2024-28882: only call schedule_exit() once (on a given peer).

+  Security scope: an authenticated client can make the server "keep the

+  session" even when the server has been told to disconnect this client

+  (Reynir Björnsson)

+

+New features

+------------

+- Windows Crypto-API: Implement Windows CA template match for searching

+  certificates in windows crypto store.

+

+- support pre-created DCO interface on FreeBSD (OpenVPN would fail to

+  set ifmode p2p/subnet otherwise)

+

+Bugfixes

+--------

+- fix connect timeout when using SOCKS proxies (trac #328, github #267)

+

+- work around LibreSSL crashing on OpenBSD 7.5 when enumerating ciphers

+  (LibreSSL bug, already fixed upstream, but not backported to OpenBSD 7.5,

+  see also https://github.com/libressl/openbsd/issues/150)

+

+- Add bracket in fingerprint message and do not warn about missing

+  verification (github #516)

+

+Documentation

+-------------

+- remove "experimental" denotation for --fast-io

+

+- correctly document ifconfig_* variables passed to scripts (script-options.rst)

+

+- documentation: make section levels consistent

+

+- samples: Update sample configurations

+   remove compression & old cipher settings, add more informative comments

+

+Code maintenance

+----------------

+- remove usage of <lzoutils.h> header & macro, discouraged by upstream

+

+- only run coverity scans in OpenVPN/OpenVPN repository (= do not spam

+  owners of cloned repos with "cannot run this" messages)

+

+- replace macOS 11 github runners with macOS 14

+

+- remove some unused code in misc.c (leftover from commit 3a4fb1)

+

+- phase2_tcp_server: fix Coverity issue 'Dereference after null check'

+  - the code itself was correct, just doing needless checks

+

+- Use snprintf instead of sprintf for get_ssl_library_version

+  - the code itself was correct, but macOS clang dislikes sprintf()

+

+

 Overview of changes in 2.6.10

 =============================

 Security fixes

@@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN])

 define([PRODUCT_TARNAME], [openvpn])

 define([PRODUCT_VERSION_MAJOR], [2])

 define([PRODUCT_VERSION_MINOR], [6])

-define([PRODUCT_VERSION_PATCH], [.10])

+define([PRODUCT_VERSION_PATCH], [.11])

 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR])

 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]])

 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]])

 define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net])

-define([PRODUCT_VERSION_RESOURCE], [2,6,9,0])

+define([PRODUCT_VERSION_RESOURCE], [2,6,11,0])

 dnl define the TAP version

 define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901])

 define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])