Skip to content

Commit fccae1f

Browse files
cron2cron2
committed
Preparing release 2.5.10
version.m4, ChangeLog, Changes.rst Signed-off-by: Gert Doering <[email protected]>
1 parent d29496c commit fccae1f

File tree

3 files changed

+44
-2
lines changed

3 files changed

+44
-2
lines changed

ChangeLog

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,20 @@
11
OpenVPN Change Log
22
Copyright (C) 2002-2022 OpenVPN Inc <[email protected]>
33

4+
2024.03.21 -- Version 2.5.10
5+
6+
Arne Schwabe (1):
7+
Add Apache2 linking with for new commits
8+
9+
George Pchelkin (1):
10+
fix typo: dhcp-options to dhcp-option in vpn-network-options.rst
11+
12+
Lev Stipakov (3):
13+
win32: Enforce loading of plugins from a trusted directory
14+
interactive.c: disable remote access to the service pipe
15+
interactive.c: Fix potential stack overflow issue
16+
17+
418
2023.02.14 -- Version 2.5.9
519

620
Arne Schwabe (6):

Changes.rst

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,31 @@
1+
Overview of changes in 2.5.10
2+
=============================
3+
Security fixes
4+
--------------
5+
- CVE-2024-27459: Windows: fix a possible stack overflow in the
6+
interactive service component which might lead to a local privilege
7+
escalation.
8+
Reported-by: Vladimir Tokarev <[email protected]>
9+
10+
- CVE-2024-24974: Windows: disallow access to the interactive service
11+
pipe from remote computers.
12+
Reported-by: Vladimir Tokarev <[email protected]>
13+
14+
- CVE-2024-27903: Windows: disallow loading of plugins from untrusted
15+
installation paths, which could be used to attack openvpn.exe via
16+
a malicious plugin. Plugins can now only be loaded from the OpenVPN
17+
install directory, the Windows system directory, and possibly from
18+
a directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir.
19+
Reported-by: Vladimir Tokarev <[email protected]>
20+
21+
User visible changes
22+
--------------------
23+
- License amendment: all NEW commits fall under a modified license that
24+
explicitly permits linking with Apache2 libraries (mbedTLS, OpenSSL) -
25+
see COPYING for details. Existing code in the release/2.5 branch
26+
will not been relicensed (only in release/2.6 and later branches).
27+
28+
129
Overview of changes in 2.5.9
230
============================
331

version.m4

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,12 +3,12 @@ define([PRODUCT_NAME], [OpenVPN])
33
define([PRODUCT_TARNAME], [openvpn])
44
define([PRODUCT_VERSION_MAJOR], [2])
55
define([PRODUCT_VERSION_MINOR], [5])
6-
define([PRODUCT_VERSION_PATCH], [.9])
6+
define([PRODUCT_VERSION_PATCH], [.10])
77
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MAJOR])
88
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_MINOR], [[.]])
99
m4_append([PRODUCT_VERSION], [PRODUCT_VERSION_PATCH], [[]])
1010
define([PRODUCT_BUGREPORT], [[email protected]])
11-
define([PRODUCT_VERSION_RESOURCE], [2,5,9,0])
11+
define([PRODUCT_VERSION_RESOURCE], [2,5,10,0])
1212
dnl define the TAP version
1313
define([PRODUCT_TAP_WIN_COMPONENT_ID], [tap0901])
1414
define([PRODUCT_TAP_WIN_MIN_MAJOR], [9])

0 commit comments

Comments
 (0)