Hi, On Mon, Jun 19, 2017 at 04:37:29PM +0200, Javier Santos wrote: > By the way, the one that Samuli created, 2.4.2-jessie0.deb for Debian Jessie, > includes new functionality, is that correct?
From a quick glance, mostly bugfixes or featurettes ("make things work more like they were originally intended to"). But the list is surprisingly long... $ git shortlog v2.4.0..v2.4.2 Antonio Quartulli (4): attempt to add IPv6 route even when no IPv6 address was configured fix redirect-gateway behaviour when an IPv4 default route does not exist CRL: use time_t instead of struct timespec to store last mtime ignore remote-random-hostname if a numeric host is provided Christian Hesse (7): man: fix formatting for alternative option systemd: Use automake tools to install unit files systemd: Do not race on RuntimeDirectory systemd: Add more security feature for systemd units Clean up plugin path handling plugin: Remove GNUism in openvpn-plugin.h generation fix typo in notification message David Sommerseth (12): management: >REMOTE operation would overwrite ce change indicator management: Remove a redundant #ifdef block git: Merge .gitignore files into a single file systemd: Move the READY=1 signalling to an earlier point plugin: Improve the handling of default plug-in directory cleanup: Remove faulty env processing functions auth-token: Ensure tokens are always wiped on de-auth docs: Fixed man-page warnings discoverd by rpmlint Make --cipher/--auth none more explicit on the risks plugin: Fix documentation typo for type_mask plugin: Export secure_memzero() to plug-ins Preparing v2.4.2 release Emmanuel Deloget (8): OpenSSL: check for the SSL reason, not the full error OpenSSL: don't use direct access to the internal of X509_STORE_CTX OpenSSL: don't use direct access to the internal of SSL_CTX OpenSSL: don't use direct access to the internal of X509_STORE OpenSSL: don't use direct access to the internal of X509_OBJECT OpenSSL: don't use direct access to the internal of RSA_METHOD OpenSSL: SSLeay symbols are no longer available in OpenSSL 1.1 OpenSSL: use EVP_CipherInit_ex() instead of EVP_CipherInit() Eric Thorpe (1): Fix Building Using MSVC Gert Doering (5): Add openssl_compat.h to openvpn_SOURCES Fix '--dev null' Fix installation of IPv6 host route to VPN server when using iservice. Make ENABLE_OCC no longer depend on !ENABLE_SMALL Preparing for release v2.4.1 (ChangeLog, version.m4) Gisle Vanem (1): Crash in options.c Hristo Venev (1): Fix extract_x509_field_ssl for external objects, v2 Ilya Shipitsin (2): Resolve several travis-ci issues travis-ci: remove unused files Olivier Wahrenberger (1): Fix building with LibreSSL 2.5.1 by cleaning a hack. Selva Nair (5): Fix push options digest update Always release dhcp address in close_tun() on Windows. Add a check for -Wl, --wrap support in linker Fix user's group membership check in interactive service to work with domains In auth-pam plugin clear the password after use Simon Matter (1): Fix segfault when using crypto lib without AES-256-CTR or SHA256 Steffan Karger (18): More broadly enforce Allman style and braces-around-conditionals Use SHA256 for the internal digest, instead of MD5 OpenSSL: 1.1 fallout - fix configure on old autoconf Fix types in WIN32 socket_listen_accept() Remove duplicate X509 env variables Fix non-C99-compliant builds: don't use const size_t as array length Deprecate --ns-cert-type Be less picky about keyUsage extensions cleanup: merge packet_id_alloc_outgoing() into packet_id_write() Don't run packet_id unit tests for --disable-crypto builds Fix Changes.rst layout Fix memory leak in x509_verify_cert_ku() mbedtls: correctly check return value in pkcs11_certificate_dn() Restore pre-NCP frame parameters for new sessions Always clear username/password from memory on error Document tls-crypt security considerations in man page Don't assert out on receiving too-large control packets (CVE-2017-7478) Drop packets instead of assert out if packet id rolls over (CVE-2017-7479) ValdikSS (1): Set a low interface metric for tap adapter when block-outside-dns is in use -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users