OpenVPN Security Advisory: Dec 14, 2018
Action needed: Important update for OpenVPN Access Server

OpenVPN Connect Client for Windows change log

Release notes for version 2.7.1.101

  • Signed this build with a new software publisher EV certificate valid until 23-2-2022, as the old certificate had expired.
  • Resolved a problem where reconnect would fail on a round-robin DNS hostname as server address in combination with full-tunnel redirection.

Release notes for version 2.6.0.103

  • Added DHCP option PROXY_AUTO_CONFIG_URL capability for proxy auto configuration (PAC) in the operating system. It is now possible to do for example:
  • push “dhcp-option PROXY_AUTO_CONFIG_URL (url to proxy PAC settings file)"
    • DNS default suffix pushed by the VPN server should now have priority when the client already had a DNS default suffix set locally.

Release notes for version 2.5.0.136

  • Fixed launch issue on some older Windows platforms when Microsoft Visual C++ redistributable wasn’t present
  • Fixed and improved platform and client version reporting to the server

Release notes for version 2.5.0.120

  • mbedTLS: fix incompatibility with PKI created by OpenSSL 1.1
  • mbedTLS: add support for ECDSA
  • mbedTLS: updated to fix CVE-2018-0487 vulnerability.
  • Issue OpenVPN client showing ‘no VPN servers’ when a connection profile with an excessively long server host name was loaded is now fixed.
  • TLS key refresh (TLS soft reset) connection interruption when using –opt-verify is now fixed.

Share