aboutsummaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2005-10-31 05:35:08 +0000
committerjames <james@e7ae566f-a301-0410-adde-c780ea21d3b5>2005-10-31 05:35:08 +0000
commit524d968b59aeea3733de8b6c714328d048141bb1 (patch)
treedeac301ae031fbe4be0504849cebfccdcfe480a4 /ChangeLog
parentsvn merge -r 734:737 $SO/trunk/openvpn (diff)
downloadopenvpn-524d968b59aeea3733de8b6c714328d048141bb1.tar.xz
ChangeLog edit
git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@741 e7ae566f-a301-0410-adde-c780ea21d3b5
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog22
1 files changed, 14 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index 62307b2..c127b64 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,13 +3,13 @@ Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net>
$Id$
-2005.10.xx -- Version 2.1-beta5
+2005.10.31 -- Version 2.1-beta5
-* Security fix -- Affects non-Windows OpenVPN clients of
- version 2.0 or higher which connect to a malicious or
- compromised server. A format string vulnerability
- in the foreign_option function in options.c could
- potentially allow a malicious or compromised server
+* Security fix (merged from 2.0.3) -- Affects non-Windows
+ OpenVPN clients of version 2.0 or higher which connect to
+ a malicious or compromised server. A format string
+ vulnerability in the foreign_option function in options.c
+ could potentially allow a malicious or compromised server
to execute arbitrary code on the client. Only
non-Windows clients are affected. The vulnerability
only exists if (a) the client's TLS negotiation with
@@ -19,14 +19,20 @@ $Id$
and (c) the client indicates its willingness to accept
pushed options from the server by having "pull" or
"client" in its configuration file.
-* Security fix -- Potential DoS vulnerability on the
- server in TCP mode. If the TCP server accept() call
+* Security fix (merged from 2.0.3) -- Potential DoS vulnerability
+ on the server in TCP mode. If the TCP server accept() call
returns an error status, the resulting exception handler
may attempt to indirect through a NULL pointer, causing
a segfault. Affects all OpenVPN 2.0 versions.
* Fix attempt of assertion at multi.c:1586 (note that
this precise line number will vary across different
versions of OpenVPN).
+* Windows reliability changes:
+ (a) Added code to make sure that the local PATH environmental
+ variable points to the Windows system32 directory.
+ (b) Added new --ip-win32 adaptive mode which tries 'dynamic'
+ and then fails over to 'netsh' if the DHCP negotiation fails.
+ (c) Made --ip-win32 adaptive the default.
* More PKCS#11 additions/changes (Alon Bar-Lev).
* Added ".PHONY: plugin" to Makefile.am to work around
"make dist" issue.