| 4 | |
| 5 | == OpenVPN 2.4.1 == |
| 6 | |
| 7 | {{{ |
| 8 | David Sommerseth (6): |
| 9 | auth-token: Ensure tokens are always wiped on de-auth |
| 10 | docs: Fixed man-page warnings discoverd by rpmlint |
| 11 | Make --cipher/--auth none more explicit on the risks |
| 12 | plugin: Fix documentation typo for type_mask |
| 13 | plugin: Export secure_memzero() to plug-ins |
| 14 | Preparing v2.4.2 release |
| 15 | |
| 16 | Hristo Venev (1): |
| 17 | Fix extract_x509_field_ssl for external objects, v2 |
| 18 | |
| 19 | Selva Nair (1): |
| 20 | In auth-pam plugin clear the password after use |
| 21 | |
| 22 | Steffan Karger (10): |
| 23 | cleanup: merge packet_id_alloc_outgoing() into packet_id_write() |
| 24 | Don't run packet_id unit tests for --disable-crypto builds |
| 25 | Fix Changes.rst layout |
| 26 | Fix memory leak in x509_verify_cert_ku() |
| 27 | mbedtls: correctly check return value in pkcs11_certificate_dn() |
| 28 | Restore pre-NCP frame parameters for new sessions |
| 29 | Always clear username/password from memory on error |
| 30 | Document tls-crypt security considerations in man page |
| 31 | Don't assert out on receiving too-large control packets (CVE-2017-7478) |
| 32 | Drop packets instead of assert out if packet id rolls over (CVE-2017-7479) |
| 33 | |
| 34 | ValdikSS (1): |
| 35 | Set a low interface metric for tap adapter when block-outside-dns is in use |
| 36 | }}} |