From: Gert Doering Date: Tue, 14 Feb 2023 16:20:58 +0000 (+0100) Subject: Preparing release 2.5.9 X-Git-Tag: v2.5.9^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ea4ce681d9008f277706f4d90f2648ae043cbb2e;p=thirdparty%2Fopenvpn.git Preparing release 2.5.9 version.m4, ChangeLog, Changes.rst Signed-off-by: Gert Doering --- diff --git a/ChangeLog b/ChangeLog index 5da537a62..3701823d5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,31 @@ OpenVPN Change Log Copyright (C) 2002-2022 OpenVPN Inc +2023.02.14 -- Version 2.5.9 + +Arne Schwabe (6): + Implement optional cipher in --data-ciphers prefixed with ? + Fix handling an optional invalid cipher at the end of data-ciphers + Ensure that argument to parse_line has always space for final sentinel + Improve documentation on user/password requirement and unicodize function + Remove unused gc_arena + Fix corner case that might lead to leaked file descriptor + +Frank Lichtenheld (1): + msvc: always call git-version.py + +Lev Stipakov (1): + git-version.py: proper support for tags + +Max Fillinger (1): + Check if pkcs11_cert is NULL before freeing it + +Selva Nair (3): + Do not add leading space to pushed options + pull-filter: ignore leading "spaces" in option names + Do not include auth-token in pulled option digest + + 2022.10.27 -- Version 2.5.8 Antonio Quartulli (1): diff --git a/Changes.rst b/Changes.rst index ec7045dae..3ba78c6c7 100644 --- a/Changes.rst +++ b/Changes.rst @@ -7,6 +7,29 @@ New features Ciphers in ``--data-ciphers`` can now be prefixed with a ``?`` to mark those as optional and only use them if the SSL library supports them. +User-visible Changes +-------------------- +- when compiling from a git checkout, put proper branch names into + windows builds + +Bugfixes +-------- +- do not include auth-token in pulled-option digest (interferes with + persist-tun when auth-token is in use, GH #200). + +- fix corner case that might lead to leaked file descriptor + +- fix parser bug (parse_line()) that can lead to buffer overflows on + malformed command line or server ccd file handling. Not exploitable. + +- pull-filter: ignore leading spaces in option names (work around server side + bug with erroneous extra spaces) + +- push: do not add leading spaces to "out of renegotiations" pushed auth-token + +- fix NULL pointer crash on "openvpn --show-tls" with mbedtls + + Overview of changes in 2.5.8 ============================ diff --git a/version.m4 b/version.m4 index dd66b1a97..53d1edf57 100644 --- a/version.m4 +++ b/version.m4 @@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN]) define([PRODUCT_TARNAME], [openvpn]) define([PRODUCT_VERSION_MAJOR], [2]) define([PRODUCT_VERSION_MINOR], [5]) -define([PRODUCT_VERSION_PATCH], [.8]) +define([PRODUCT_VERSION_PATCH], [.9]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]]) m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]]) define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) -define([PRODUCT_VERSION_RESOURCE], [2,5,8,0]) +define([PRODUCT_VERSION_RESOURCE], [2,5,9,0]) dnl define the TAP version define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])