Browse code
Preparing release 2.5.6
version.m4, ChangeLog, Changes.rst
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering authored on 2022/03/16 04:25:30Showing 3 changed files
| ... | ... |
@@ -1,6 +1,41 @@ |
| 1 | 1 |
OpenVPN Change Log |
| 2 | 2 |
Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net> |
| 3 | 3 |
|
| 4 |
+2022.03.16 -- Version 2.5.6 |
|
| 5 |
+ |
|
| 6 |
+Antonio Quartulli (4): |
|
| 7 |
+ GitHub Actions: update script to same version as master |
|
| 8 |
+ update copyright year to 2022 |
|
| 9 |
+ keyingmaterialexporter.c: include strings.h |
|
| 10 |
+ remove unused sitnl.h file |
|
| 11 |
+ |
|
| 12 |
+David Sommerseth (2): |
|
| 13 |
+ sample-plugin: New plugin for testing multiple auth plugins |
|
| 14 |
+ plug-ins: Disallow multiple deferred authentication plug-ins |
|
| 15 |
+ |
|
| 16 |
+Frank Lichtenheld (2): |
|
| 17 |
+ doc/Makefile: rebuild rst docs if input files change |
|
| 18 |
+ doc/options: clean up documentation for --proto and related options |
|
| 19 |
+ |
|
| 20 |
+Gert Doering (4): |
|
| 21 |
+ fix Changes.rst errors in 2.5.3 and 2.5.5 announcement |
|
| 22 |
+ Repair --inactive with 'bytes' argument larger 2Gbytes. |
|
| 23 |
+ Fix --mtu-disc maybe|yes on Linux. |
|
| 24 |
+ Preparing release 2.5.6 |
|
| 25 |
+ |
|
| 26 |
+Ilya Shipitsin (1): |
|
| 27 |
+ CI: github actions: keep "pdb" in artifacts |
|
| 28 |
+ |
|
| 29 |
+Lev Stipakov (7): |
|
| 30 |
+ auth_token.c: add NULL initialization |
|
| 31 |
+ vcpkg-ports/pkcs11-helper: bump to release 1.28 |
|
| 32 |
+ vcpkg-ports/pkcs11-helper: indicate OpenSSL EC support |
|
| 33 |
+ msvc: cleanup |
|
| 34 |
+ vcpkg: link lzo statically |
|
| 35 |
+ vcpkg-ports/pkcs11-helper: adapt to new upstream URL |
|
| 36 |
+ vcpkg-ports: add openssl 1.1.1n |
|
| 37 |
+ |
|
| 38 |
+ |
|
| 4 | 39 |
2021.12.14 -- Version 2.5.5 |
| 5 | 40 |
|
| 6 | 41 |
Adrian (1): |
| ... | ... |
@@ -1,3 +1,72 @@ |
| 1 |
+Overview of changes in 2.5.6 |
|
| 2 |
+============================ |
|
| 3 |
+ |
|
| 4 |
+User-visible Changes |
|
| 5 |
+-------------------- |
|
| 6 |
+- update copyright year to 2022 |
|
| 7 |
+ |
|
| 8 |
+New features |
|
| 9 |
+------------ |
|
| 10 |
+- new plugin (sample-plugin/defer/multi-auth.c) to help testing with |
|
| 11 |
+ multiple parallel plugins that succeed/fail in direct/deferred mode |
|
| 12 |
+ |
|
| 13 |
+- various build improvements (github actions etc) |
|
| 14 |
+ |
|
| 15 |
+- upgrade pkcs11-helper to release 1.28.4 |
|
| 16 |
+ |
|
| 17 |
+Bugfixes |
|
| 18 |
+-------- |
|
| 19 |
+- CVE-2022-0547 |
|
| 20 |
+ see https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements |
|
| 21 |
+ |
|
| 22 |
+ If openvpn is configured with multiple authentication plugins and |
|
| 23 |
+ more than one plugin tries to do deferred authentication, the result |
|
| 24 |
+ is not well-defined - creating a possible authentication bypass. |
|
| 25 |
+ |
|
| 26 |
+ In this situation the server process will now abort itself with a clear |
|
| 27 |
+ log message. Only one plugin is allowed to do deferred authentication. |
|
| 28 |
+ |
|
| 29 |
+- Fix "--mtu-disc maybe|yes" on Linux |
|
| 30 |
+ |
|
| 31 |
+ Due to configure/syshead.h/#ifdef confusion, the code in question was |
|
| 32 |
+ not compiled-in since a long time. Fixed. Trac: #1452 |
|
| 33 |
+ |
|
| 34 |
+- Fix $common_name variable passed to scripts when username-as-common-name |
|
| 35 |
+ is in effect. |
|
| 36 |
+ |
|
| 37 |
+ This was not consistently set - sometimes, OpenVPN exported the username, |
|
| 38 |
+ sometimes the common name from the client cert. Fixed. Trac: #1434 |
|
| 39 |
+ |
|
| 40 |
+- Fix potential memory leaks in add_route() and add_route_ipv6(). |
|
| 41 |
+ |
|
| 42 |
+- Apply connect-retry backoff only to one side of the connection in |
|
| 43 |
+ p2p mode. Without that fix/enhancement, two sides could end up |
|
| 44 |
+ only sending packets when the other end is not ready. Trac: #1010, #1384 |
|
| 45 |
+ |
|
| 46 |
+- remove unused sitnl.h file |
|
| 47 |
+ |
|
| 48 |
+- clean up msvc build files, remove unused MSVC build .bat files |
|
| 49 |
+ |
|
| 50 |
+- repair "--inactive" handling with a 'bytes' parameter larger than 2 Gbytes |
|
| 51 |
+ |
|
| 52 |
+ due to integer overflow, this ended up being "0" on Linux, but on |
|
| 53 |
+ Windows with MSVC it ends up being "always 2 Gbyte", both not doing |
|
| 54 |
+ what is requested. Trac: #1448 |
|
| 55 |
+ |
|
| 56 |
+- repair handling of EC certificates on Windows with pkcs11-helper |
|
| 57 |
+ |
|
| 58 |
+ (wrong compile-time defines for OpenSSL 1.1.1) |
|
| 59 |
+ |
|
| 60 |
+Documentation |
|
| 61 |
+------------- |
|
| 62 |
+- documentation improvements related to DynDNS. Trac: #1417 |
|
| 63 |
+ |
|
| 64 |
+- clean up documentation for --proto and related options |
|
| 65 |
+ |
|
| 66 |
+- rebuild rst docs if input files change (proper dependency handling) |
|
| 67 |
+ |
|
| 68 |
+ |
|
| 69 |
+ |
|
| 1 | 70 |
Overview of changes in 2.5.5 |
| 2 | 71 |
============================ |
| 3 | 72 |
|
| ... | ... |
@@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN]) |
| 3 | 3 |
define([PRODUCT_TARNAME], [openvpn]) |
| 4 | 4 |
define([PRODUCT_VERSION_MAJOR], [2]) |
| 5 | 5 |
define([PRODUCT_VERSION_MINOR], [5]) |
| 6 |
-define([PRODUCT_VERSION_PATCH], [.5]) |
|
| 6 |
+define([PRODUCT_VERSION_PATCH], [.6]) |
|
| 7 | 7 |
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR]) |
| 8 | 8 |
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]]) |
| 9 | 9 |
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]]) |
| 10 | 10 |
define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) |
| 11 |
-define([PRODUCT_VERSION_RESOURCE], [2,5,5,0]) |
|
| 11 |
+define([PRODUCT_VERSION_RESOURCE], [2,5,6,0]) |
|
| 12 | 12 |
dnl define the TAP version |
| 13 | 13 |
define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) |
| 14 | 14 |
define([PRODUCT_TAP_WIN_MIN_MAJOR], [9]) |