Software update: OpenVPN 2.5.6


OpenVPN is a robust and easy to set up open source VPN daemon that allows several private networks to be linked together through an encrypted tunnel over the internet. For security, the OpenSSL library is used, which can handle all encryption, authentication and certification. The developers have released version 2.5.6 and the most important changes in it are listed for you below.

User-visible Changes

  • Update copyright year to 2022

New features

  • New plugin (sample-plugin/defer/multi-auth.c) to help testing with multiple parallel plugins that succeed/fail in direct/deferred mode
  • Various build improvements (github actions etc)
  • Upgrade pkcs11 helper to release 1.28.4

Bug fixes

  • CVE-2022-0547, see here for more information. If openvpn is configured with multiple authentication plugins and more than one plugin tries to do deferred authentication, the result is not well-defined – creating a possible authentication bypass.
    In this situation the server process will now abort itself with a clear log message. Only one plugin is allowed to do deferred authentication.
  • Fix “--mtu-disc maybe|yes” on Linux
    Due to configure/syshead.h/#ifdef confusion, the code in question had not been compiled in for a long time. Fixed. Track: #1452
  • Fix $common_name variable passed to scripts when username-as-common-name is in effect.
    This was not consistently set – sometimes, OpenVPN exported the username, sometimes the common name from the client cert. Fixed. Track: #1434
  • Fix potential memory leaks in add_route() and add_route_ipv6().
  • Apply connect-retry backoff only to one side of the connection in p2p mode. Without that fix/enhancement, two sides could end up only sending packets when the other end is not ready. Track: #1010, #1384
  • Remove unused sitnl.h file
  • Clean up msvc build files, remove unused MSVC build .bat files
  • Repair “--inactive” handling with a ‘bytes’ parameter larger than 2 Gbytes
    Due to integer overflow, this ended up being “0” on Linux, but on Windows with MSVC it ends up being “always 2 Gbyte”, both not doing what is requested. Track: #1448
  • Repair handling of EC certificates on Windows with pkcs11-helper
    (wrong compile-time defines for OpenSSL 1.1.1)
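
A configuration check for the CVE-2022-0547 item above, as an added example that is not from OpenVPN or the original article: it lists the `plugin` directives in a server config and flags files that load more than one, the precondition for the deferred-authentication conflict. The sample config and plugin paths are constructed, and the script cannot tell whether a given plugin actually defers authentication.

```python
import shlex

def tokenize(line):
    """Split one config line into tokens, honouring quotes and #/; comments."""
    lex = shlex.shlex(line, posix=True)
    lex.whitespace_split = True
    lex.commenters = "#;"
    try:
        return list(lex)
    except ValueError:          # unbalanced quote: fall back to a plain split
        return line.split()

def plugin_directives(config_text):
    """Return [(line_number, module_path)] for every active plugin directive."""
    found, inline_end = [], None
    for number, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if inline_end:                      # inside <ca>...</ca> style inline data
            if line == inline_end:
                inline_end = None
            continue
        if line.startswith("<") and line.endswith(">") and not line.startswith("</"):
            inline_end = "</" + line[1:]
            continue
        tokens = tokenize(line)
        if len(tokens) >= 2 and tokens[0] == "plugin":
            found.append((number, tokens[1]))
    return found

def audit(config_text):
    """Flag configs with more than one plugin for manual review."""
    plugins = plugin_directives(config_text)
    return {"plugins": plugins, "review": len(plugins) > 1}

# Constructed sample server config; the plugin paths are hypothetical.
SAMPLE = """\
port 1194
proto udp
# plugin /usr/lib/openvpn/plugins/old.so
plugin /usr/lib/openvpn/plugins/auth-a.so "login"   ; first module
plugin "/usr/lib/openvpn/plugins/auth b.so"
<ca>
plugin /not/a/directive.so
</ca>
"""

if __name__ == "__main__":
    result = audit(SAMPLE)
    for number, module in result["plugins"]:
        print(f"line {number}: {module}")
    print("review needed" if result["review"] else "single or no plugin")
```

A flagged config on a release older than 2.5.6 needs a check of which plugins return deferred results; plugins passed on the command line or through nested config files are outside what this script reads.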

Documentation

  • Documentation improvements related to DynDNS. Track: #1417
  • Clean up documentation for --proto and related options
  • Rebuild rst docs if input files change (proper dependency handling)

Version number: 2.5.6
Release status: Final
Operating systems: Windows 7, Linux, BSD, macOS, Solaris, UNIX, Windows Server 2003, Windows Server 2008, Windows Server 2012, Windows 8, Windows 10, Windows Server 2016, Windows Server 2019, Windows 11
Website: OpenVPN
Download
License type: Conditions (GNU/BSD/etc.)