• CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation. Reported-by: Vladimir Tokarev <vtokarev@microsoft.com>
• CVE-2024-24974: Windows: disallow access to the interactive service pipe from remote computers. Reported-by: Vladimir Tokarev <vtokarev@microsoft.com>
• CVE-2024-27903: Windows: disallow loading of plugins from untrusted installation paths, which could be used to attack openvpn.exe via a malicious plugin. Plugins can now only be loaded from the OpenVPN install directory, the Windows system directory, and possibly from a directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir. Reported-by: Vladimir Tokarev <vtokarev@microsoft.com>
• CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in TapSharedSendPacket. Reported-by: Vladimir Tokarev <vtokarev@microsoft.com>

• t_client.sh can now run pre-tests and skip a test block if needed (e.g. skip NTLM proxy tests if SSL library does not support MD4)

• Update copyright notices to 2024

• Windows: if the win-dco driver is used (default) and the GUI requests use of a proxy server, the connection would fail. Disable DCO in this case. (Github: #522)
• Compression: minor bugfix in checking option consistency vs. compiled-in algorithm support
• systemd unit files: remove obsolete syslog.target

• remove license warnings about mbedTLS linking (README.mbedtls)
• update documentation references in systemd unit files
• sample config files: remove obsolete tls-*.conf files
• document that auth-user-pass may be inlined

• For the Windows-specific security fixes see above
• Built against OpenSSL 3.2.1
• Included tap6-windows driver updated to 9.27.0
  • Security fix, see above
• Included ovpn-dco-win driver updated to 1.0.1
  • Ensure we don't pass too large key size to CryptoNG. We do not consider this a security issue since the CryptoNG API handles this gracefully either way.
• Included openvpn-gui updated to 11.48.0.0
  • Position tray tooltip above the taskbar
  • Combine title and message in tray icon tip text
  • Use a custom tooltip window for the tray icon

• Update include ovpn-dco-win to v1.1.1
  • Improves reconnect behavior after hibernate/standby. (Github: #64)

• Update include ovpn-dco-win to v1.2.1
  • Fix bug check in timer management routines. (Github: #70)

• Windows Installer: fix CVE-2023-7235 where installing to a non-default directory could lead to a local privilege escalation. Reported by Will Dormann.

• Add support for building with mbedTLS 3.x.x
• New option --force-tls-key-material-export to only accept clients that can do TLS keying material export to generate session keys (mostly an internal option to better deal with TLS 1.0 PRF failures).
• Windows: bump vcpkg-ports/pkcs11-helper to 1.30
• Log incoming SSL alerts in easier to understand form and move logging from --verb 8 to --verb 3.
• protocol_dump(): add support for printing --tls-crypt packets

• License change is now complete, and all code has been re-licensed under the new license (still GPLv2, but with new linking exception for Apache2 licensed code). See COPYING for details.
• Code that could not be re-licensed has been removed or rewritten.
• The original code for the --tls-export-cert feature has been removed (due to the re-licensing effort) and rewritten without looking at the original code. Feature-compatibility has been tested by other developers, looking at both old and new code and documentation, so there *should* not be a user-visible change here.
• IPv6 route addition/deletion are now logged on the same level (3) as for IPv4. Previously IPv6 was always logged at --verb 1.
• Better handling of TLS 1.0 PRF failures in the underlying SSL library (e.g. on some FIPS builds) – this is now reported on startup, and clients before 2.6.0 that can not use TLS EKM to generate key material are rejected by the server. Also, error messages are improved to see what exactly failed.

• FreeBSD: for servers with multiple clients, reporting of peer traffic statistics would fail due to insufficient buffer space (Github: #487)

• Security fix, see above
• Built against OpenSSL 3.2.0
• Included openvpn-gui updated to 11.47.0.0
  • Windows GUI: always update tray icon on state change (Github: #669) (for persistent connection profiles, "connecting" state would not show)

• Windows: print warning if pushed options require DHCP (e.g. DOMAIN-SEARCH) and driver in use does not use DHCP (wintun, dco).

• SIGSEGV crash: Do not check key_state buffers that are in S_UNDEF state (Github #449) - the new sanity check function introduced in 2.6.7 sometimes tried to use a NULL pointer after an unsuccessful TLS handshake
• Windows: --dns option did not work when tap-windows6 driver was used, because internal flag for "apply DNS option to DHCP server" wasn't set (Github #447)
• Windows: fix status/log file permissions, caused by regression after changing to CMake build system (Github: #454, Trac: #1430)
• Windows: fix --chdir failures, also caused by error in CMake build system (Github #448)

• Included openvpn-gui updated to 11.46.0.0

• CVE-2023-46850 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer. All configurations using TLS (e.g. not using --secret) are affected by this issue. (found while tracking down CVE-2023-46849 / Github #400, #417)
• CVE-2023-46849 OpenVPN versions between 2.6.0 and 2.6.6 incorrectly restore --fragment configuration in some circumstances, leading to a division by zero when --fragment is used. On platforms where division by zero is fatal, this will cause an OpenVPN crash. (Github #400, #417)

• DCO: warn if DATA_V1 packets are sent by the other side - this a hard incompatibility between a 2.6.x client connecting to a 2.4.0-2.4.4 server, and the only fix is to use --disable-dco.
• Remove OpenSSL Engine method for loading a key. This had to be removed because the original author did not agree to relicensing the code with the new linking exception added. This was a somewhat obsolete feature anyway as it only worked with OpenSSL 1.x, which is end-of-support.
• add warning if p2p NCP client connects to a p2mp server - this is a combination that used to work without cipher negotiation (pre 2.6 on both ends), but would fail in non-obvious ways with 2.6 to 2.6.
• add warning to --show-groups that not all supported groups are listed (this is due the internal enumeration in OpenSSL being a bit weird, omitting X448 and X25519 curves).
• --dns: remove support for exclude-domains argument (this was a new 2.6 option, with no backend support implemented yet on any platform, and it turns out that no platform supported it at all - so remove option again)
• warn user if INFO control message too long, do not forward to management client (safeguard against protocol-violating server implementations)

• DCO-WIN: get and log driver version (for easier debugging).
• print "peer temporary key details" in TLS handshake
• log OpenSSL errors on failure to set certificate, for example if the algorithms used are in acceptable to OpenSSL (misleading message would be printed in cryptoapi / pkcs11 scenarios)
• add CMake build system for MinGW and MSVC builds
• remove old MSVC build system
• improve cmocka unit test building for Windows

• Included openvpn-gui updated to 11.45.0.0
  • Add clarity for error on missing management parameter. See GH #657
  • Improve "OpenVPN GUI" tooltip handling See GH #649
• MSIs now use OpenSSL 3.1.4

• OCC exit messages are now logged more visibly See GH #391.
• OpenSSL error messages are now logged with more details (for example, when loading a provider fails, which .so was tried, and why did it fail) See GH #361.
• print a more user-friendly message when tls-crypt-v2 client auth fails
• packaging now includes all documentation in the source tarball

• set WINS server via interactive service - this adds support for "dhcp-option WINS 192.0.2.1" for DCO + wintun interfaces where no DHCP server is used. See GH #373.

• Included openvpn-gui updated to 11.44.0.0
• MSIs now use OpenSSL 3.1.2

• tapctl (windows): generate driver-specific names (if using tapctl to create additional tap/wintun/dco devices, and not using --name). See GH #337.
• interactive service (windows): do not force target desktop for openvpn.exe - this has no impact for normal use, but enables running of OpenVPN in a scripted way when no user is logged on (for example, via task scheduler). See GH openvpn-gui#626

• MSIs now use OpenSSL 3.1.1

• License amendment: all new commits fall under a modified license that explicitly permits linking with Apache2 libraries (mbedTLS, OpenSSL) - see COPYING for details. Existing code will fall under the new license as soon as all contributors have agreed to the change - work ongoing.

• DCO: support kernel-triggered key rotation (avoid IV reuse after 2^32 packets). This is the userland side, accepting a message from kernel, and initiating a TLS renegotiation. As of 2.6.4 release, only implemented in FreeBSD kernel.

• Rebuilt included tap-windows driver with the correct version of the old Windows 7 driver, removing a warning about unsigned driver on Windows 7 installation. See GH openvpn-build#365.

• Windows: support setting DNS domain in configurations without GUI and DHCP (typically wintun or windco drivers), see GH openvpn#306.

• Several Windows-specific issues fixed:
  • ensure interactive service stays enabled after silent reinstall, see GH openvpn-build#348, openvpn-build#349 and openvpn-build#351
  • repair querying install path info for easyrsa-start.bat on some Windows language versions, see GH openvpn-build#352.
• MSIs are now built against OpenSSL 3.1.0.
• Update included openvpn-gui to 11.41.0.0
  • This update removes the ability to change the password of a private key from the GUI. This was a niche feature which caused a direct dependency of GUI on OpenSSL. Use openssl.exe directly if you need to edit a private key.

• The GPG subkey for creating the .asc files for the downloads has been updated. You might need to re-download or update the GPG key if verifying the signatures.
• Fix the encoding of some documentation/sample files included in the installer. See GH openvpn-build#358
• Update include tap-windows6 driver to 9.25.0
  • Fixes a problem with sending small non-IP packets (e.g. PPPoE) over the VPN connection. See GH tap-windows6#158
  • Note: The new driver is only used on Windows 10 and newer. We can't rebuild drivers for Windows 7/8 since Microsoft doesn't support the signing mechanism anymore. We include the previous driver version to still allow installation on Windows 7/8.
• Update included openvpn-gui to 11.42.0.0
  • Fixes a problem with passphrase prompt was sometimes not displayed. See GH openvpn-gui#619
  • Adds "Password Reveal" feature which allows you to see passwords while entering them.

• implement byte counter statistics for DCO Linux (p2mp server and client)
• implement byte counter statistics for DCO Windows (client only)
• --dns server <n> address ... now permits up to 8 v4 or v6 addresses

• New control packets flow for data channel offloading on Linux: 2.6.2+ changes the way OpenVPN control packets are handled on Linux when DCO is active, fixing the lockups observed with 2.6.0/2.6.1 under high client connect/disconnect activity. This is an INCOMPATIBLE change and therefore an ovpn-dco kernel module older than v0.2.20230323 (commit ID 726fdfe0fa21) will not work anymore and must be upgraded. The kernel module was renamed to "ovpn-dco-v2.ko" in order to highlight this change and ensure that users and userspace software could easily understand which version is loaded. Attempting to use the old ovpn-dco with 2.6.2+ will lead to disabling DCO at runtime.

• Update included openvpn-gui to 11.39.0.0

• Dynamic TLS Crypt: When both peers are OpenVPN 2.6.1+, OpenVPN will dynamically create a tls-crypt key that is used for renegotiation. This ensure that only the previously authenticated peer can do trigger renegotiation and complete renegotiations.
• CryptoAPI (Windows): support issuer name as a selector. Certificate selection string can now specify a partial issuer name string as
  --cryptoapicert ISSUER:<string> where <string> is matched as a substring of the issuer (CA) name in the certificate.

• Update included ovpn-dco-win driver to 0.9.2

• Data Channel Offload (DCO) kernel acceleration support for Windows, Linux, and FreeBSD.
• OpenSSL 3 support.
• Improved handling of tunnel MTU, including support for pushable MTU.
• Outdated cryptographic algorithms disabled by default, but there are options to override if necessary.
• Reworked TLS handshake, making OpenVPN immune to replay-packet state exhaustion attacks.
• Added --peer-fingerprint mode for a more simplistic certificate setup and verification.
• Added Pre-Logon Access Provider support to OpenVPN GUI for Windows.
• Improved protocol negotiation, leading to faster connection setup.
• Included openvpn-gui updated to 11.37.0.0. See CHANGES.rst
• Updated easy-rsa3 bundled with the installer on Windows.
• Various bug fixes.

• CVE-2024-27459: Windows: fix a possible stack overflow in the interactive service component which might lead to a local privilege escalation. Reported-by: Vladimir Tokarev <vtokarev@microsoft.com>
• CVE-2024-24974: Windows: disallow access to the interactive service pipe from remote computers. Reported-by: Vladimir Tokarev <vtokarev@microsoft.com>
• CVE-2024-27903: Windows: disallow loading of plugins from untrusted installation paths, which could be used to attack openvpn.exe via a malicious plugin. Plugins can now only be loaded from the OpenVPN install directory, the Windows system directory, and possibly from a directory specified by HKLM\SOFTWARE\OpenVPN\plugin_dir. Reported-by: Vladimir Tokarev <vtokarev@microsoft.com>
• CVE-2024-1305: Windows TAP driver: Fix potential integer overflow in TapSharedSendPacket. Reported-by: Vladimir Tokarev <vtokarev@microsoft.com>

• For the Windows-specific security fixes see above
• Built against OpenSSL 1.1.1w
  • Note that OpenSSL 1.1.1 is not supported anymore, so this might not address all known issues in OpenSSL 1.1.1. If that concerns you, please switch to OpenVPN 2.6.x
• Included tap6-windows driver updated to 9.27.0
  • Security fix, see above

• OpenVPN 3 support — the GUI can also work as a user interface for the OpenVPN 3 client.
• pkcs11-id-management — the GUI can list available pkcs11-ids and allows the user to select one.
• Persistent connections — the GUI lists connections started at boot by the automatic service and lets the user control them. Interactive inputs such as username/password with such connections are possible.

Overview of changes since OpenVPN 2.4

Faster connections

• Connections setup is now much faster

Crypto specific changes

• ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
• Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
• Client-specific tls-crypt keys (--tls-crypt-v2)
• Improved Data channel cipher negotiation
• Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

• HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
• Asynchronous (deferred) authentication support for auth-pam plugin
• Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

• Support IPv4 configs with /31 netmasks now
• 802.1q VLAN support on TAP servers
• IPv6-only tunnels
• New option --block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

• VRF support
• Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

• Wintun driver support, a faster alternative to tap-windows6
• Setting tun/tap interface MTU
• Setting DHCP search domain
• Allow unicode search string in --cryptoapicert option
• EasyRSA3, a modern take on OpenVPN CA management
• MSI installer

Important notices

BF-CBC cipher is no longer the default

Cipher handling for the data channel cipher has been significantly changed between OpenVPN 2.3/2.4 and v2.5, most notably there are no "default cipher BF-CBC" anymore because it is no longer considered a reasonable default. BF-CBC is still available, but it needs to be explicitly configured now.

For connections between OpenVPN 2.4 and v2.5 clients and servers, both ends will be able to negotiate a better cipher than BF-CBC. By default they will select one of the AES-GCM ciphers, but this can be influenced using the --data-ciphers setting.

Connections between OpenVPN 2.3 and v2.5 that have no --cipher setting in the config (= defaulting to BF-CBC and not being negotiation-capable) must be updated. Unless BF-CBC is included in --data-ciphers or there is a "--cipher BF-CBC" in the OpenVPN 2.5 config, a v2.5 client or server will refuse to talk to a v2.3 server or client, because it has no common data channel cipher and negotiating a cipher is not possible. Generally, we recommend upgrading such setups to OpenVPN 2.4 or v2.5. If upgrading is not possible we recommend adding data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC (for v2.5+) or cipher AES-128-CBC (v2.4.x and older) to the configuration of all clients and servers.

If you really need to use an unsupported OpenVPN 2.3 (or even older) release and need to stay on BF-CBC (not recommended), the OpenVPN 2.5 based client will need a config file change to re-enable BF-CBC. But be warned that BF-CBC and other related weak ciphers will be removed in coming OpenVPN major releases.

For full details see the "Data channel cipher negotiation" section on the man page.

Connectivity to some VPN service provider may break

Connecting with an OpenVPN 2.5 client to at least one commercial VPN service that implemented their own cipher negotiation method that always reports back that it is using BF-CBC to the client is broken in v2.5. This has always caused warning about mismatch ciphers. We have been in contact with some service providers and they are looking into it. This is not something the OpenVPN community can fix. If your commercial VPN does not work with a v2.5 client, complain to the VPN service provider.

More details on these new features as well as a list of deprecated features and user-visible changes are available in Changes.rst.

Linux packages are available from

• Official Debian and Ubuntu apt repositories
• Red Hat/Fedora dnf/yum repositories (provided by Fedora Copr)

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User mailing list
• User IRC channel (#openvpn at irc.libera.chat)

Overview of changes since OpenVPN 2.4

Faster connections

• Connections setup is now much faster

Crypto specific changes

• ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
• Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
• Client-specific tls-crypt keys (--tls-crypt-v2)
• Improved Data channel cipher negotiation
• Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

• HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers.
• Asynchronous (deferred) authentication support for auth-pam plugin
• Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

• Support IPv4 configs with /31 netmasks now
• 802.1q VLAN support on TAP servers
• IPv6-only tunnels
• New option --block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

• VRF support
• Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

• Wintun driver support, a faster alternative to tap-windows6
• Setting tun/tap interface MTU
• Setting DHCP search domain
• Allow unicode search string in --cryptoapicert option
• EasyRSA3, a modern take on OpenVPN CA management
• MSI installer

Important notices

BF-CBC cipher is no longer the default

Cipher handling for the data channel cipher has been significantly changed between OpenVPN 2.3/2.4 and v2.5, most notably there are no "default cipher BF-CBC" anymore because it is no longer considered a reasonable default. BF-CBC is still available, but it needs to be explicitly configured now.

For connections between OpenVPN 2.4 and v2.5 clients and servers, both ends will be able to negotiate a better cipher than BF-CBC. By default they will select one of the AES-GCM ciphers, but this can be influenced using the --data-ciphers setting.

Connections between OpenVPN 2.3 and v2.5 that have no --cipher setting in the config (= defaulting to BF-CBC and not being negotiation-capable) must be updated. Unless BF-CBC is included in --data-ciphers or there is a "--cipher BF-CBC" in the OpenVPN 2.5 config, a v2.5 client or server will refuse to talk to a v2.3 server or client, because it has no common data channel cipher and negotiating a cipher is not possible. Generally, we recommend upgrading such setups to OpenVPN 2.4 or v2.5. If upgrading is not possible we recommend adding data-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC (for v2.5+) or cipher AES-128-CBC (v2.4.x and older) to the configuration of all clients and servers.

If you really need to use an unsupported OpenVPN 2.3 (or even older) release and need to stay on BF-CBC (not recommended), the OpenVPN 2.5 based client will need a config file change to re-enable BF-CBC. But be warned that BF-CBC and other related weak ciphers will be removed in coming OpenVPN major releases.

For full details see the "Data channel cipher negotiation" section on the man page.

Connectivity to some VPN service provider may break

Connecting with an OpenVPN 2.5 client to at least one commercial VPN service that implemented their own cipher negotiation method that always reports back that it is using BF-CBC to the client is broken in v2.5. This has always caused warning about mismatch ciphers. We have been in contact with some service providers and they are looking into it. This is not something the OpenVPN community can fix. If your commercial VPN does not work with a v2.5 client, complain to the VPN service provider.

More details on these new features as well as a list of deprecated features and user-visible changes are available in Changes.rst.

Linux packages are available from

• Official Debian and Ubuntu apt repositories
• Red Hat/Fedora dnf/yum repositories (provided by Fedora Copr)

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User mailing list
• User IRC channel (#openvpn at irc.libera.chat)

Overview of changes since OpenVPN 2.4

Faster connections

• Connections setup is now much faster

Crypto specific changes

• ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
• Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
• Client-specific tls-crypt keys (--tls-crypt-v2)
• Improved Data channel cipher negotiation
• Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

• HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers
• Asynchronous (deferred) authentication support for auth-pam plugin
• Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

• Support IPv4 configs with /31 netmasks now
• 802.1q VLAN support on TAP servers
• IPv6-only tunnels
• New option --block-ipv6 to reject all IPv6 packets

Linux-specific features

• VRF support
• Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

• Wintun driver support, a faster alternative to tap-windows6
• Setting tun/tap interface MTU
• Setting DHCP search domain
• Allow unicode search string in --cryptoapicert option
• EasyRSA3, a modern take on OpenVPN CA management
• MSI installer

Important notices

BF-CBC cipher is no longer the default

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User IRC channel (#openvpn at irc.libera.chat)

Important notices

BF-CBC cipher is no longer the default

Connectivity to some VPN service provider may break

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User mailing list
• User IRC channel (#openvpn at irc.libera.chat)

Overview of changes since OpenVPN 2.4

Faster connections

• Connections setup is now much faster

Crypto specific changes

• ChaCha20-Poly1305 cipher in the OpenVPN data channel (Requires OpenSSL 1.1.0 or newer)
• Improved TLS 1.3 support when using OpenSSL 1.1.1 or newer
• Client-specific tls-crypt keys (--tls-crypt-v2)
• Improved Data channel cipher negotiation
• Removal of BF-CBC support in default configuration (see below for possible incompatibilities)

Server-side improvements

• HMAC based auth-token support for seamless reconnects to standalone servers or a group of servers
• Asynchronous (deferred) authentication support for auth-pam plugin
• Asynchronous (deferred) support for client-connect scripts and plugins

Network-related changes

• Support IPv4 configs with /31 netmasks now
• 802.1q VLAN support on TAP servers
• IPv6-only tunnels
• New option --block-ipv6 to reject all IPv6 packets (ICMPv6)

Linux-specific features

• VRF support
• Netlink integration (OpenVPN no longer needs to execute ifconfig/route or ip commands)

Windows-specific features

• Wintun driver support, a faster alternative to tap-windows6
• Setting tun/tap interface MTU
• Setting DHCP search domain
• Allow unicode search string in --cryptoapicert option
• EasyRSA3, a modern take on OpenVPN CA management
• MSI installer

Linux packages are available from

• Official Debian and Ubuntu apt repositories
• Red Hat/Fedora dnf/yum repositories (provided by Fedora Copr)

Useful resources

• Official documentation
• Wiki
• Bug tracker
• Support forums
• User mailing list
• User IRC channel (#openvpn at irc.libera.chat)

• New tap-windows6 driver (9.24.2) which fixes some suspend and resume issues
• Latest OpenVPN-GUI
• Considerable performance boost due to new compiler optimization flags