![]() ![]() CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore -fragment configuration in some circumstances, leading to a division by zero when -fragment is used. ![]() not using -secret) are affected by this issue. CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer.Linux Packages: Instructions for installing community-maintained Linux packages can be found in the Community Wiki. Windows Client: Community MSI installer for Windows client can be found at Community Downloads. Statistics would fail due to insufficient buffer space ( #487) FreeBSD: for servers with multiple clients, reporting of peer traffic.on some FIPS builds) - this is now reported on startup, andĬlients before 2.6.0 that can not use TLS EKM to generate key materialĪre rejected by the server. Previously IPv6 was always logged at -verb 1.īetter handling of TLS 1.0 PRF failures in the underlying SSL library IPv6 route addition/deletion are now logged on the same level (3) asįor IPv4. Looking at both old and new code and documentation, so there should Feature-compatibility has been tested by other developers, (due to the re-licensing effort) and rewritten without looking at the The original code for the -tls-export-cert feature has been removed See COPYING for details.Ĭode that could not be re-licensed has been removed or rewritten. Under the new license (still GPLv2, but with new linking exceptionįor Apache2 licensed code). License change is now complete, and all code has been re-licensed protocol_dump(): add support for printing -tls-crypt packets. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |