1. openvpn
  2. Commit ecaf88f8a4e758567dbb270900401bfd038bcd73
Browse code

Preparing release 2.5.3

version.m4, ChangeLog, Changes.rst

Signed-off-by: Gert Doering <gert@greenie.muc.de>

Gert Doering authored on 2021/06/17 18:01:55
Showing 3 changed files
ChangeLog
History View file @ ecaf88f
... ... 
@@ -1,6 +1,37 @@
1 1 
 OpenVPN Change Log
2 2 
 Copyright (C) 2002-2021 OpenVPN Inc <sales@openvpn.net>
3 3
4 
+2021.06.17 -- Version 2.5.3
5 
+
6 
+Arne Schwabe (3):
7 
+      Add missing free_key_ctx for auth_token
8 
+      Add github actions
9 
+      Implement auth-token-user
10 
+
11 
+David Sommerseth (1):
12 
+      Update copyrights
13 
+
14 
+Lev Stipakov (8):
15 
+      openvpnmsica: properly schedule reboot in the end of installation
16 
+      msvc: add ARM64 configuration
17 
+      msvc: standalone building
18 
+      contrib/vcpkg-ports: add pkcs11-helper port
19 
+      vcpkg-ports: restore trailing whitespaces in .patch files
20 
+      GitHub actions: add MSVC build
21 
+      crypto_openssl.c: disable explicit initialization on Windows (CVE-2121-3606)
22 
+      contrib/vcpkg-ports: add openssl port with --no-autoload-config option set (CVE-2121-3606)
23 
+
24 
+Matthias Andree (1):
25 
+      Fix SIGSEGV (NULL deref) receiving push "echo"
26 
+
27 
+Max Fillinger (1):
28 
+      Fix build with mbedtls w/o SSL renegotiation support
29 
+
30 
+Selva Nair (2):
31 
+      Improve documentation of AUTH_PENDING related directives
32 
+      Apply the connect-retry backoff to only one side of a connection
33 
+
34 
+
4 35 
 2021.04.20 -- Version 2.5.2
5 36
6 37 
 Arne Schwabe (10):
Changes.rst
History View file @ ecaf88f
... ... 
@@ -1,3 +1,42 @@
1 
+Overview of changes in 2.5.3
2 
+============================
3 
+Bugfixes
4 
+--------
5 
+- CVE-2121-3606
6 
+  see https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements
7 
+
8 
+  OpenVPN windows builds could possibly load OpenSSL Config files from
9 
+  world writeable locations, thus posing a security risk to OpenVPN.
10 
+
11 
+  As a fix, disable OpenSSL config loading completely on Windows.
12 
+
13 
+- disable connect-retry backoff for p2p (--secret) instances
14 
+  (Trac #1010, #1384)
15 
+
16 
+- fix build with mbedtls w/o SSL renegotiation support
17 
+
18 
+- Fix SIGSEGV (NULL deref) receiving push "echo" (Trac #1409)
19 
+
20 
+- MSI installers: properly schedule reboot in the end of installation
21 
+
22 
+- fix small memory leak in free_key_ctx for auth_token
23 
+
24 
+
25 
+User-visible Changes
26 
+--------------------
27 
+- update copyright messages in files and --version output
28 
+
29 
+New features
30 
+------------
31 
+- add --auth-token-user option (for --auth-token deployments without
32 
+  --auth-user-pass in client config)
33 
+
34 
+- improve MSVC building for Windows
35 
+
36 
+- official MSI installers will now contain arm64 drivers and binaries
37 
+  (x86, amd64, arm64)
38 
+
39 
+
1 40 
 Overview of changes in 2.5.2
2 41 
 ============================
3 42
version.m4
History View file @ ecaf88f
... ... 
@@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN])
3 3 
 define([PRODUCT_TARNAME], [openvpn])
4 4 
 define([PRODUCT_VERSION_MAJOR], [2])
5 5 
 define([PRODUCT_VERSION_MINOR], [5])
6 
-define([PRODUCT_VERSION_PATCH], [.2])
6 
+define([PRODUCT_VERSION_PATCH], [.3])
7 7 
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR])
8 8 
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]])
9 9 
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]])
10 10 
 define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net])
11 
-define([PRODUCT_VERSION_RESOURCE], [2,5,2,0])
11 
+define([PRODUCT_VERSION_RESOURCE], [2,5,3,0])
12 12 
 dnl define the TAP version
13 13 
 define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901])
14 14 
 define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])