| 4 | |
| 5 | == OpenVPN 2.3.17 == |
| 6 | |
| 7 | {{{ |
| 8 | David Sommerseth (2): |
| 9 | backport: Ignore auth-nocache for auth-user-pass if auth-token is pushed |
| 10 | auth-token with auth-nocache fix broke --disable-crypto builds |
| 11 | |
| 12 | Gert Doering (3): |
| 13 | Fix potential 1-byte overread in TCP option parsing. |
| 14 | Fix remotely-triggerable ASSERT() on malformed IPv6 packet. |
| 15 | Preparing for release v2.3.17 (ChangeLog, version.m4, Changes.rst) |
| 16 | |
| 17 | Guido Vranken (6): |
| 18 | refactor my_strupr |
| 19 | Fix 2 memory leaks in proxy authentication routine |
| 20 | Fix memory leak in add_option() for option 'connection' |
| 21 | Ensure option array p[] is always NULL-terminated |
| 22 | Fix a null-pointer dereference in establish_http_proxy_passthru() |
| 23 | Prevent two kinds of stack buffer OOB reads and a crash for invalid input data |
| 24 | |
| 25 | Jérémie Courrèges-Anglas (2): |
| 26 | Fix an unaligned access on OpenBSD/sparc64 |
| 27 | Missing include for socket-flags TCP_NODELAY on OpenBSD |
| 28 | |
| 29 | Steffan Karger (4): |
| 30 | openssl: fix overflow check for long --tls-cipher option |
| 31 | Fix remote-triggerable memory leaks (CVE-2017-7521) |
| 32 | Restrict --x509-alt-username extension types |
| 33 | Fix potential double-free in --x509-alt-username (CVE-2017-7521) |
| 34 | }}} |