This was a somewhat obsolete feature anyway as it only worked with OpenSSL 1.x, which is end-of-support. This had to be removed because the original author did not agree to relicensing the code with the new linking exception added. Remove OpenSSL Engine method for loading a key.DCO: warn if DATA_V1 packets are sent by the other side - this a hard incompatibility between a 2.6.x client connecting to a 2.4.0-2.4.4 server, and the only fix is to use "-disable-dco". Work around build fails caused by LibreSSL not longer having engine support.DCO on Linux: fix NULL-pointer crash if "-multihome" is used together with "-proto tcp".Cleanup code to remove strlen() related warnings in buf_catrunc().Cleanup bits and pieces of documentation.On platforms where division by zero is fatal, this will cause an OpenVPN crash. CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore "-fragment" configuration in some circumstances, leading to a division by zero when "-fragment" is used.not using -secret) are affected by this issue. CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer.De ontwikkelaars hebben versie 2.6.7 uitgebracht en de changelog voor die uitgave kan hieronder worden gevonden. Voor de beveiliging wordt gebruikgemaakt van de OpenSSL-library, waarmee alle encryptie, authenticatie en certificatie kunnen worden afgehandeld. OpenVPN is een robuuste en gemakkelijk in te stellen opensource-vpn-daemon waarmee verschillende private netwerken aan elkaar geknoopt kunnen worden via een versleutelde tunnel over internet.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |