The OpenVPN community project team is proud to release OpenVPN 2.6.12.
This is a bugfix release.
Bug fixes:
* the fix for CVE-2024-5594 (refuse control channel messages with nonprintable
characters) was too strict, breaking user
configurations with AUTH_FAIL messages having trailing CR/NL characters.
This often happens if the AUTH_FAIL reason
is set by a script. Strip those before testing the command buffer (github
#568). Also, add unit test.
* Http-proxy: fix bug preventing proxy credentials caching (trac #1187)
Windows MSI changes since 2.6.11:
* Built against OpenSSL 3.3.1
* Included openvpn-gui updated to 11.50.0.0
*Update Italian language (github #696)
More details can be found in the Changes document:
<https://github.com/OpenVPN/openvpn/blob/release/2.6/Changes.rst>
(The Changes document also contains a section with work-arounds for
common problems encountered when using OpenVPN with OpenSSL 3)
Source code and Windows installers can be downloaded from our download page:
<https://openvpn.net/community-downloads/>
Debian and Ubuntu packages are available in the official apt repositories:
<https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos#DebianUbuntu:UsingOpenVPNaptrepositories>
On Red Hat derivatives we recommend using the Fedora Copr repository.
<https://copr.fedorainfracloud.org/coprs/dsommers/openvpn-release-2.6/>
Kind regards,
Yuriy Darnobyt
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
