Fix a null-pointer dereference in establish_http_proxy_passthru().Ensure option array p is always NULL-terminated.Fix memory leak in add_option() for option 'connection'.
Fix 2 memory leaks in proxy authentication routine.Preparing for release v2.4.3 (ChangeLog, version.m4, Changes.rst).Fix remotely-triggerable ASSERT() on malformed IPv6 packet.Fix potential 1-byte overread in TCP option parsing.Fix edge case with clients failing to set up cipher on empty PUSH_REPLY.Remove erroneous limitation on max number of args for -plugin.OpenSSL: don't use direct access to the internal of HMAC_CTX.OpenSSL: don't use direct access to the internal of EVP_CIPHER_CTX.OpenSSL: don't use direct access to the internal of EVP_MD_CTX.OpenSSL: force meth->name as non-const when we free() it.OpenSSL: don't use direct access to the internal of DSA.OpenSSL: don't use direct access to the internal of RSA.OpenSSL: don't use direct access to the internal of EVP_PKEY.OpenSSL: don't use direct access to the internal of X509.auth-token with auth-nocache fix broke -disable-crypto builds.crypto: Enable SHA256 fingerprint checking in -verify-hash.Ignore auth-nocache for auth-user-pass if auth-token is pushed.Also, the new -tls-crypt feature can be used to increase users' connection privacy.Ĭompared to OpenVPN 2.4.2 there are several bugfixes and one major feature: support for building with OpenSSL 1.1.Ī summary of the changes is available in Changes.rst, and a full list of changes is available here. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client's IP address changes (Peer-ID). More details are available in our official security announcement.Ĭompared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. We recommend you to upgrade to OpenVPN 2.4.3 or 2.3.17 as soon as possible. In the process several vulnerabilities were found, some of which are remotely exploitable in certain circumstances. OpenVPN v2.4.2 was analyzed closely using a fuzzer by Guido Vranken. De ontwikkelaars hebben versie 2.4.3 uitgebracht, met de volgende veranderingen: OpenVPN 2.4.3 Voor meer informatie verwijzen we naar deze pagina en een installatiehandleiding is op deze pagina te raadplegen. Voor de beveiliging wordt gebruikgemaakt van de OpenSSL-library, waarmee alle encryptie, authenticatie en certificatie afgehandeld kan worden. OpenVPN is een robuuste en gemakkelijk in te stellen opensource-vpn-daemon waarmee verschillende private networks aan elkaar geknoopt kunnen worden door middel van een encrypted tunnel via internet.
0 kommentar(er)
