04-24-2018 , 11:22 PM
https://community.openvpn.net/openvpn/wi...nOpenvpn24 OpenVPN 2.4.6
David Sommerseth (1):
management: Warn if TCP port is used without password
Gert Doering (3):
Correct version in ChangeLog - should be 2.4.5, was mistyped as 2.4.4
Fix potential double-free() in Interactive Service (CVE-2018-9336)
preparing release v2.4.6 (ChangeLog, version.m4, Changes.rst)
Gert van Dijk (1):
manpage: improve description of --status and --status-version
Joost Rijneveld (1):
Make return code external tls key match docs
Selva Nair (3):
Delete the IPv6 route to the "connected" network on tun close
Management: warn about password only when the option is in use
Avoid overflow in wakeup time computation
Simon Matter (1):
Add missing #ifdef SSL_OP_NO_TLSv1_1/2
Steffan Karger (1):
Check for more data in control channel
https://openvpn.net/index.php/open-sourc...loads.html Downloads
OpenVPN 2.4.6 -- released on 2018.04.24 (Change Log)
This is primarily a maintenance release with minor bugfixes and improvements, and one security relevant fix for the Windows Interactive Service. Windows installer includes updated OpenVPN GUI and OpenSSL. The bundled tap-windows6 driver includes one security fix. Note that the driver no longer works on Windows Vista due to incompatible Authenticode signature.
Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.
Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. Our long-term plan is to migrate to using MSI installers instead.
Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client's IP address changes (Peer-ID). Also, the new --tls-crypt feature can be used to increase users' connection privacy.
A summary of the changes is available in Changes.rst, and a full list of changes is available here.
OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.
Please note that OpenVPN 2.4 installers will not work on Windows XP.
If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).
Source Tarball (gzip)
openvpn-2.4.6.tar.gz GnuPG Signature
Source Tarball (xz)
openvpn-2.4.6.tar.xz GnuPG Signature
Source Zip openvpn-2.4.6.zip GnuPG Signature
Installer, Windows Vista and later
openvpn-install-2.4.6-I601.exe GnuPG Signature
100% Scanned Safe & Malware Free & Clean With Kaspersky Total Security
Kaspersky File Advisor Trusted ( Kaspersky Security Network) Digital Signature:( OpenVPN Technologies, Inc.)
David Sommerseth (1):
management: Warn if TCP port is used without password
Gert Doering (3):
Correct version in ChangeLog - should be 2.4.5, was mistyped as 2.4.4
Fix potential double-free() in Interactive Service (CVE-2018-9336)
preparing release v2.4.6 (ChangeLog, version.m4, Changes.rst)
Gert van Dijk (1):
manpage: improve description of --status and --status-version
Joost Rijneveld (1):
Make return code external tls key match docs
Selva Nair (3):
Delete the IPv6 route to the "connected" network on tun close
Management: warn about password only when the option is in use
Avoid overflow in wakeup time computation
Simon Matter (1):
Add missing #ifdef SSL_OP_NO_TLSv1_1/2
Steffan Karger (1):
Check for more data in control channel
https://openvpn.net/index.php/open-sourc...loads.html Downloads
OpenVPN 2.4.6 -- released on 2018.04.24 (Change Log)
This is primarily a maintenance release with minor bugfixes and improvements, and one security relevant fix for the Windows Interactive Service. Windows installer includes updated OpenVPN GUI and OpenSSL. The bundled tap-windows6 driver includes one security fix. Note that the driver no longer works on Windows Vista due to incompatible Authenticode signature.
Please note that LibreSSL is not a supported crypto backend. We accept patches and we do test on OpenBSD 6.0 which comes with LibreSSL, but if newer versions of LibreSSL break API compatibility we do not take responsibility to fix that.
Also note that Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. Our long-term plan is to migrate to using MSI installers instead.
Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client's IP address changes (Peer-ID). Also, the new --tls-crypt feature can be used to increase users' connection privacy.
A summary of the changes is available in Changes.rst, and a full list of changes is available here.
OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.
Please note that OpenVPN 2.4 installers will not work on Windows XP.
If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).
Source Tarball (gzip)
openvpn-2.4.6.tar.gz GnuPG Signature
Source Tarball (xz)
openvpn-2.4.6.tar.xz GnuPG Signature
Source Zip openvpn-2.4.6.zip GnuPG Signature
Installer, Windows Vista and later
openvpn-install-2.4.6-I601.exe GnuPG Signature
100% Scanned Safe & Malware Free & Clean With Kaspersky Total Security
Kaspersky File Advisor Trusted ( Kaspersky Security Network) Digital Signature:( OpenVPN Technologies, Inc.)