Preparing release 2.5.9

version.m4, ChangeLog, Changes.rst

Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/ChangeLog b/ChangeLog
index 5da537a6228a95a4c6de99681d2061b8d4091ac8..3701823d5df3fc51ab51e80b14b5098d57166f25 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,31 @@
 OpenVPN Change Log
 Copyright (C) 2002-2022 OpenVPN Inc <sales@openvpn.net>
 
+2023.02.14 -- Version 2.5.9
+
+Arne Schwabe (6):
+      Implement optional cipher in --data-ciphers prefixed with ?
+      Fix handling an optional invalid cipher at the end of data-ciphers
+      Ensure that argument to parse_line has always space for final sentinel
+      Improve documentation on user/password requirement and unicodize function
+      Remove unused gc_arena
+      Fix corner case that might lead to leaked file descriptor
+
+Frank Lichtenheld (1):
+      msvc: always call git-version.py
+
+Lev Stipakov (1):
+      git-version.py: proper support for tags
+
+Max Fillinger (1):
+      Check if pkcs11_cert is NULL before freeing it
+
+Selva Nair (3):
+      Do not add leading space to pushed options
+      pull-filter: ignore leading "spaces" in option names
+      Do not include auth-token in pulled option digest
+
+
 2022.10.27 -- Version 2.5.8
 
 Antonio Quartulli (1):

diff --git a/Changes.rst b/Changes.rst
index ec7045dae9b757d03e394bd4d408b0155023a80d..3ba78c6c7a7f3870c49592a93f1d13d04f536201 100644 (file)
--- a/Changes.rst
+++ b/Changes.rst
@@ -7,6 +7,29 @@ New features
   Ciphers in ``--data-ciphers`` can now be prefixed with a ``?`` to mark
   those as optional and only use them if the SSL library supports them.
 
+User-visible Changes
+--------------------
+- when compiling from a git checkout, put proper branch names into
+  windows builds
+
+Bugfixes
+--------
+- do not include auth-token in pulled-option digest (interferes with
+  persist-tun when auth-token is in use, GH #200).
+
+- fix corner case that might lead to leaked file descriptor
+
+- fix parser bug (parse_line()) that can lead to buffer overflows on
+  malformed command line or server ccd file handling.  Not exploitable.
+
+- pull-filter: ignore leading spaces in option names (work around server side
+  bug with erroneous extra spaces)
+
+- push: do not add leading spaces to "out of renegotiations" pushed auth-token
+
+- fix NULL pointer crash on "openvpn --show-tls" with mbedtls
+
+
 Overview of changes in 2.5.8
 ============================
 

diff --git a/version.m4 b/version.m4
index dd66b1a9772af88fd732ba443a39baaad787b3a0..53d1edf57d75e125994edb5b7b27f12bc1175cd2 100644 (file)
--- a/version.m4
+++ b/version.m4
@@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN])
 define([PRODUCT_TARNAME], [openvpn])
 define([PRODUCT_VERSION_MAJOR], [2])
 define([PRODUCT_VERSION_MINOR], [5])
-define([PRODUCT_VERSION_PATCH], [.8])
+define([PRODUCT_VERSION_PATCH], [.9])
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR])
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]])
 m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]])
 define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net])
-define([PRODUCT_VERSION_RESOURCE], [2,5,8,0])
+define([PRODUCT_VERSION_RESOURCE], [2,5,9,0])
 dnl define the TAP version
 define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901])
 define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])