2006.09.12 -- Version 2.0.8

* Windows installer updated with OpenSSL 0.9.7k DLLs to fix
 RSA Signature Forgery (CVE-2006-4339).

* No changes to OpenVPN source code between 2.0.7 and 2.0.8.

2006.09.12 -- Version 2.1-beta15

* Windows installer updated with OpenSSL 0.9.7k DLLs to fix
 RSA Signature Forgery (CVE-2006-4339).

* Fixed bug introduced with the --port-share directive
 (back in 2.1-beta9 which causes TLS soft resets
 (1 per hour by default) in TCP server mode to force
 a blockage of tunnel packets and later time-out and
 restart the connection.

* pkcs11 changes:
 1. Modified ssl.c to not FATAL and return to init.c
    so auth-retry will work.
 2. Modifed pkcs11-helper.c to fix some problem with
    multiple providers.
 3. Updated makefile.w32-vc to include lladdr.*, updated
    linkage libraries.
 4. Modified lladdr.c to be compiled under visual C.
 5. Added retry counter to PKCS#11 PIN hook.
 6. Modified PKCS#11 PIN retry loop to return correct error
    code when PIN is incorrect.
 7. Fix handling (ignoring) zero sized attributes.
 8. Fix gcc-2 issues.
 9. Fix openssl 0.9.6 (first version) issues.
 10. easy-rsa Makefile (install) is now available so that
     distribs will be able to install it safely.

* Added two new management states:
  OPENVPN_STATE_TCP_CONNECT  -- Connecting to TCP server

* Echo management state change to log.

* Minor syshead.h change for NetBSD to allow
 TCP_NODELAY flag to work.

* Modified --port-share code to remove the assumption that
 CMSG_SPACE always evaluates to a constant, to enable
 compilation on NetBSD and possibly other BSDs as well.

* Eliminated gcc 3.3.3 warnings on NetBSD
 when ./configure --enable-strict is used.

* Added optional minimum-number-of-bytes parameter
 to --inactive directive.


Reply via email to