Changes between Version 32 and Version 33 of ChangesInOpenvpn23


Ignore:
Timestamp:
06/21/17 10:50:24 (7 years ago)
Author:
Samuli Seppänen
Comment:

Add changelog for OpenVPN 2.3.17

Legend:

Unmodified
Added
Removed
Modified

  • ChangesInOpenvpn23

    v32 v33  
    22
    33= Overview of changes in OpenVPN v2.3 =
     4
     5== OpenVPN 2.3.17 ==
     6
     7{{{
     8David Sommerseth (2):
     9      backport: Ignore auth-nocache for auth-user-pass if auth-token is pushed
     10      auth-token with auth-nocache fix broke --disable-crypto builds
     11
     12Gert Doering (3):
     13      Fix potential 1-byte overread in TCP option parsing.
     14      Fix remotely-triggerable ASSERT() on malformed IPv6 packet.
     15      Preparing for release v2.3.17 (ChangeLog, version.m4, Changes.rst)
     16
     17Guido Vranken (6):
     18      refactor my_strupr
     19      Fix 2 memory leaks in proxy authentication routine
     20      Fix memory leak in add_option() for option 'connection'
     21      Ensure option array p[] is always NULL-terminated
     22      Fix a null-pointer dereference in establish_http_proxy_passthru()
     23      Prevent two kinds of stack buffer OOB reads and a crash for invalid input data
     24
     25Jérémie Courrèges-Anglas (2):
     26      Fix an unaligned access on OpenBSD/sparc64
     27      Missing include for socket-flags TCP_NODELAY on OpenBSD
     28
     29Steffan Karger (4):
     30      openssl: fix overflow check for long --tls-cipher option
     31      Fix remote-triggerable memory leaks (CVE-2017-7521)
     32      Restrict --x509-alt-username extension types
     33      Fix potential double-free in --x509-alt-username (CVE-2017-7521)
     34}}}
    435
    536== OpenVPN 2.3.16 ==