From: David Sommerseth Date: Tue, 23 Aug 2016 13:08:23 +0000 (+0200) Subject: Preparing release of v2.3.12 X-Git-Tag: v2.3.12^0 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8990b218fa9db71714ac42b0095c594e19861320;p=thirdparty%2Fopenvpn.git Preparing release of v2.3.12 Signed-off-by: David Sommerseth --- diff --git a/ChangeLog b/ChangeLog index 537e213d5..6f51191d1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,52 @@ OpenVPN Change Log Copyright (C) 2002-2015 OpenVPN Technologies, Inc. +2016.08.23 -- Version 2.3.12 +Arne Schwabe (2): + Complete push-peer-info documentation and allow IV_PLAT_VER for other platforms than Windows if the client UI supplies it. + Move ASSERT so external-key with OpenSSL works again + +David Sommerseth (3): + Only build and run cmocka unit tests if its submodule is initialized + Another fix related to unit test framework + Remove NOP function and callers + +Dorian Harmans (1): + Add CHACHA20-POLY1305 ciphersuite IANA name translations. + +Ivo Manca (1): + Plug memory leak in mbedTLS backend + +Jeffrey Cutter (1): + Update contrib/pull-resolv-conf/client.up for no DOMAIN + +Jens Neuhalfen (2): + Add unit testing support via cmocka + Add a test for auth-pam searchandreplace + +Josh Cepek (1): + Push an IPv6 CIDR mask used by the server, not the pool's size + +Leon Klingele (1): + Add link to bug tracker + +Samuli Seppänen (2): + Update CONTRIBUTING.rst to allow GitHub PRs for code review purposes + Clarify the fact that build instructions in README are for release tarballs + +Selva Nair (4): + Make error non-fatal while deleting address using netsh + Make block-outside-dns work with persist-tun + Ignore SIGUSR1/SIGHUP during exit notification + Promptly close the netcmd_semaphore handle after use + +Steffan Karger (4): + Fix polarssl / mbedtls builds + Don't limit max incoming message size based on c2->frame + Fix '--cipher none --cipher' crash + Discourage using 64-bit block ciphers + + 2016.05.09 -- Version 2.3.11 James Yonan (1): Fixed port-share bug with DoS potential diff --git a/Changes.rst b/Changes.rst index 1ab3013c3..b121f01ad 100644 --- a/Changes.rst +++ b/Changes.rst @@ -100,6 +100,21 @@ Behavioral changes - Do not randomize resolving of IP addresses in getaddr() +Version 2.3.12 +============== + +Security changes +---------------- + +- Deprecation of ciphers using less than 128-bits cipher blocks + + It is highly recommended to avoid using ciphers listed in the new + deprecated section of --show-ciphers. These ciphers are no longer + considered safe to use. If you cannot migrate away from these + ciphers currently, it is strongly recommended to start using + --reneg-bytes with a value less than 64MB. + + Version 2.3.11 ============== diff --git a/version.m4 b/version.m4 index b9ad4e7c1..dc7a5ce60 100644 --- a/version.m4 +++ b/version.m4 @@ -1,9 +1,9 @@ dnl define the OpenVPN version define([PRODUCT_NAME], [OpenVPN]) define([PRODUCT_TARNAME], [openvpn]) -define([PRODUCT_VERSION], [2.3.11]) +define([PRODUCT_VERSION], [2.3.12]) define([PRODUCT_BUGREPORT], [openvpn-users@lists.sourceforge.net]) -define([PRODUCT_VERSION_RESOURCE], [2,3,11,0]) +define([PRODUCT_VERSION_RESOURCE], [2,3,12,0]) dnl define the TAP version define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901]) define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])