1/29/2024 0 Comments OpenVPN instal the new for androiddns: remove support for exclude-domains argument (this was a new 2.6 option, with no backend support implemented yet on any platform, and it turns out that no platform supported it at all - so remove option again) This was a somewhat obsolete feature anyway as it only worked with OpenSSL 1.x, which is end-of-support.Īdd warning if p2p NCP client connects to a p2mp server - this is a combination that used to work without cipher negotiation (pre 2.6 on both ends), but would fail in non-obvious ways with 2.6 to 2.6.Īdd warning to -show-groups that not all supported groups are listed (this is due the internal enumeration in OpenSSL being a bit weird, omitting X448 and X25519 curves). This had to be removed because the original author did not agree to relicensing the code with the new linking exception added. Remove OpenSSL Engine method for loading a key. (Github #400, #417).ĭCO: warn if DATA_V1 packets are sent by the other side - this a hard incompatibility between a 2.6.x client connecting to a 2.4.0-2.4.4 server, and the only fix is to use -disable-dco. On platforms where division by zero is fatal, this will cause an OpenVPN crash. CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore -fragment configuration in some circumstances, leading to a division by zero when -fragment is used.not using -secret) are affected by this issue. CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |