aboutsummaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog39
1 files changed, 39 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index eda3478..aca3c3f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,45 @@ Copyright (C) 2002-2005 OpenVPN Solutions LLC <info@openvpn.net>
$Id$
+2006.04.05 -- Version 2.1-beta12
+
+* Security Vulnerability -- An OpenVPN client connecting to a
+ malicious or compromised server could potentially receive
+ "setenv" configuration directives from the server which could
+ cause arbitrary code execution on the client via a LD_PRELOAD
+ attack. A successful attack appears to require that (a) the
+ client has agreed to allow the server to push configuration
+ directives to it by including "pull" or the macro "client" in
+ its configuration file, (b) the client configuration file uses
+ a scripting directive such as "up" or "down", (c) the client
+ succesfully authenticates the server, (d) the server is
+ malicious or has been compromised and is under the control of
+ the attacker, and (e) the attacker has at least some level of
+ pre-existing control over files on the client (this might be
+ accomplished by having the server respond to a client web request
+ with a specially crafted file).
+
+ The fix is to disallow "setenv" to be pushed to clients from
+ the server, and to add a new directive "setenv-safe" which is
+ pushable from the server, but which appends "OPENVPN_" to the
+ name of each remotely set environmental variable.
+
+* "topology subnet" fix for FreeBSD (Benoit Bourdin).
+
+* PKCS11 fixes (Alon Bar-Lev). For full description:
+ svn log -r990 http://svn.openvpn.net/projects/openvpn/branches/BETA21
+
+* When deleting routes under Linux, use the route metric
+ as a differentiator to ensure that the route teardown
+ process only deletes the identical route which was originally
+ added via the "route" directive (Roy Marples).
+
+* Fix the t_cltsrv.sh file in FreeBSD 4 jails
+ (Matthias Andree, Dirk Meyer, Vasil Dimov).
+
+* Extended tun device configure code to support ethernet
+ bridging on NetBSD (Emmanuel Kasper).
+
2006.02.19 -- Version 2.1-beta11
* Fixed --port-share bug that caused premature closing