OpenVPN 2.3.10 -- released on 2016.01.04 (Change Log)
This release fixes IPv6 on WIndows XP and warns users about expired certificates. A few other small fixes and improvements are included. In addition, PolarSSL 1.3 is now required for PolarSSL builds. The Windows installers now bundle OpenVPN-GUI 10, which automatically requests administrator privileges using UAC, instead of launching as a normal user and then failing at route creation time. Windows installers I602 and I002 bundle an updated OpenSSL library, 1.0.1r, which fixes some security vulnerabilities that fortunately did not affect OpenVPN. If you're using I601 or I001 installers you're not in a hurry to upgrade. Windows I603 installers bundle OpenSSL 1.0.1s, and all the included executables/libraries now have a SHA-2 signatures instead of SHA-1.
A full list of changes is available here.
If you find a bug in this release, please file a bug report to our Trac bug tracker. In uncertain cases please contact our developers first, either using the openvpn-devel mailinglist or the developer IRC channel (#openvpn-devel at irc.freenode.net). For generic help take a look at our official documentation, wiki, forums, openvpn-users mailing list and user IRC channel (#openvpn at irc.freenode.net).
|Source Tarball (gzip)
|Source Tarball (xz)
|Source Zip||openvpn-2.3.10.zip||GnuPG Signature|
|Installer (32-bit), Windows XP
|Installer (64-bit), Windows XP
|Installer (32-bit), Windows Vista and later
|Installer (64-bit), Windows Vista and later
Instructions for verifying the signatures are available here.
We also provide static URLs pointing to latest releases to ease automation. For a list of files look here.
This release is also available in our own software repositories for Debian and Ubuntu, Supported architectures are i386 and amd64. For details. look here.
Note that easy-rsa is no longer bundled with OpenVPN source code archives. To get it, visit the easy-rsa page on GitHub, or download it from our Linux software repositories. The Windows installers are bundled with OpenVPN-GUI - its source code is available on its project page and as tarballs on our alternative download server.
WARNING: The Windows installers for these old releases may contain OpenSSL versions that have the heartbleed vulnerability or other serious security issues. You should not use any of these old OpenVPN Windows installers, unless you are absolutely sure it's safe in your use case. If you depend on an old OpenVPN version make sure you build the Windows binaries yourself and link them to an up-to-date OpenSSL version.
OpenVPN is available in repositories of most open source operating systems such as Debian, Ubuntu, Fedora, FreeBSD and Maemo. Some of them may have several versions available, e.g. one for latest beta branch, one for latest development code and one for stable releases. Using these OS-provider versions is usually easiest. However the OpenVPN project also packages latest OpenVPN releases for some open source operating systems. Take a look here to see if these packages are available for your OS.
OpenVPN uses TAP-windows to provide virtual tap device functionality on Windows. Normally you don't need to install TAP-windows separately, as OpenVPN installers include it. The tap-windows driver comes in two flavours: the NDIS 5 driver (tap-windows, version 9.9.x) for Windows XP and NDIS 6 (tap-windows6, version 9.21.x) for Windows and above. Source code for both tap-windows drivers is available on GitHub.
NOTE: If you have 9.9.x installed, you need to uninstall it before installing 9.21.x, as there are known issues with doing an upgrade.
|Installer (NDIS 5)||tap-windows-9.9.2_3.exe||GnuPG Signature|
|Installer (NDIS 6)||tap-windows-9.21.1.exe||GnuPG Signature|
Most other operating systems have virtual tap device functionality in their kernels.
Starting with openvpn-2.3_alpha2 easy-rsa is no longer part of the OpenVPN source or binary packages. It can be downloaded separately from it's GitHub project page.