OpenVPN Security Advisory: Dec 14, 2018
Action needed: Important update for OpenVPN Access Server

OpenVPN Connect Client for Windows change log

Changes between 2.6.0.100 and 2.5.0.136

  • Added DHCP option PROXY_AUTO_CONFIG_URL capability for proxy auto configuration (PAC) in the operating system. It is now possible to do for example:
  • push “dhcp-option PROXY_AUTO_CONFIG_URL (url to proxy PAC settings file)"
    • DNS default suffix pushed by the VPN server should now have priority when the client already had a DNS default suffix set locally.

Changes between 2.5.0.120 and 2.5.0.136

  • Fixed launch issue on some older Windows platforms when Microsoft Visual C++ redistributable wasn’t present
  • Fixed and improved platform and client version reporting to the server

Changes between 2.5.0.100 and 2.5.0.120

  • mbedTLS: fix incompatibility with PKI created by OpenSSL 1.1
  • mbedTLS: add support for ECDSA
  • mbedTLS: updated to fix CVE-2018-0487 vulnerability.
  • Issue OpenVPN client showing ‘no VPN servers’ when a connection profile with an excessively long server host name was loaded is now fixed.
  • TLS key refresh (TLS soft reset) connection interruption when using –opt-verify is now fixed.

Share