Changes between Version 12 and Version 13 of ChangesInOpenvpn24


Ignore:
Timestamp:
06/21/17 10:49:31 (7 months ago)
Author:
samuli
Comment:

Add changelog for OpenVPN 2.4.3

Legend:

Unmodified
Added
Removed
Modified
  • ChangesInOpenvpn24

    v12 v13  
    22
    33An overview is available in [https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst Changes.rst]. Complete change logs below.
     4
     5== OpenVPN 2.4.3 ==
     6
     7{{{
     8Antonio Quartulli (1):
     9      Ignore auth-nocache for auth-user-pass if auth-token is pushed
     10
     11David Sommerseth (3):
     12      crypto: Enable SHA256 fingerprint checking in --verify-hash
     13      copyright: Update GPLv2 license texts
     14      auth-token with auth-nocache fix broke --disable-crypto builds
     15
     16Emmanuel Deloget (8):
     17      OpenSSL: don't use direct access to the internal of X509
     18      OpenSSL: don't use direct access to the internal of EVP_PKEY
     19      OpenSSL: don't use direct access to the internal of RSA
     20      OpenSSL: don't use direct access to the internal of DSA
     21      OpenSSL: force meth->name as non-const when we free() it
     22      OpenSSL: don't use direct access to the internal of EVP_MD_CTX
     23      OpenSSL: don't use direct access to the internal of EVP_CIPHER_CTX
     24      OpenSSL: don't use direct access to the internal of HMAC_CTX
     25
     26Gert Doering (6):
     27      Fix NCP behaviour on TLS reconnect.
     28      Remove erroneous limitation on max number of args for --plugin
     29      Fix edge case with clients failing to set up cipher on empty PUSH_REPLY.
     30      Fix potential 1-byte overread in TCP option parsing.
     31      Fix remotely-triggerable ASSERT() on malformed IPv6 packet.
     32      Preparing for release v2.4.3 (ChangeLog, version.m4, Changes.rst)
     33
     34Guido Vranken (6):
     35      refactor my_strupr
     36      Fix 2 memory leaks in proxy authentication routine
     37      Fix memory leak in add_option() for option 'connection'
     38      Ensure option array p[] is always NULL-terminated
     39      Fix a null-pointer dereference in establish_http_proxy_passthru()
     40      Prevent two kinds of stack buffer OOB reads and a crash for invalid input data
     41
     42Jérémie Courrèges-Anglas (2):
     43      Fix an unaligned access on OpenBSD/sparc64
     44      Missing include for socket-flags TCP_NODELAY on OpenBSD
     45
     46Matthias Andree (1):
     47      Make openvpn-plugin.h self-contained again.
     48
     49Selva Nair (1):
     50      Pass correct buffer size to GetModuleFileNameW()
     51
     52Steffan Karger (11):
     53      Log the negotiated (NCP) cipher
     54      Avoid a 1 byte overcopy in x509_get_subject (ssl_verify_openssl.c)
     55      Skip tls-crypt unit tests if required crypto mode not supported
     56      openssl: fix overflow check for long --tls-cipher option
     57      Add a DSA test key/cert pair to sample-keys
     58      Fix mbedtls fingerprint calculation
     59      mbedtls: fix --x509-track post-authentication remote DoS (CVE-2017-7522)
     60      mbedtls: require C-string compatible types for --x509-username-field
     61      Fix remote-triggerable memory leaks (CVE-2017-7521)
     62      Restrict --x509-alt-username extension types
     63      Fix potential double-free in --x509-alt-username (CVE-2017-7521)
     64
     65Steven McDonald (1):
     66      Fix gateway detection with OpenBSD routing domains
     67}}}
    468
    569== OpenVPN 2.4.2 ==