Agenda
- Handling security vulnerabilities in the future
- Always get a CVE entry?
- Always make a security announcement (threat, impact, etc.)
- Makes handling the issue much easier for downstream
- OpenVPN 3.0
- Was released along API documentation under AGPL v3 in FOSDEM 2013
- Currently used primarily/only in OpenVPN Connect clients for Android/iOS from OpenVPN Technologies, Inc.
- Getting the code to Git: currently only an outdated tarball is available
- OpenVPN 2.4
- What is the goal of the 2.4 release?
- What patches in "master" are 2.4-only material?
- Patches
- Android patchsets
- Dual stack client patches
- utun on mac os x
- native tun, no need for extra tun.kext
- Supported for all OS X >= 10.6.8 (latest PPC version)
- Unfortunatly requires root
- Real question: Drop tun.kext support and support only utun or "try utun first, fall back to tun.kext if it fails"
Download in other formats: