No flaws found in OpenVPN software. Our response to the CVE-2019-14899 vulnerability report.

OpenVPN Connect for iOS change log

Back To Documentation

Request More Information

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement

Changes between 1.2.8 and 1.2.9:

  • show MD5 warning pop-up only once per VPN session
  • fix glitch upon key re-negotiation when using tls-crypt
  • fix interoperability issue with private keys created using OpenSSL 1.1 default settings (aka add support for private keys encrypted using PKCS#5v2.0 with PRF newer than SHA1)

Changes between 1.2.7 and 1.2.8:

  • fixed spurious crash on reconnection after sleep
  • restored access to CertificatePayloads (p12 bundles) uploaded via Provisioning Profiles (.mobileconfig files)
  • show warning pop-up when connecting to server using insecure MD5 algorithm to sign certificates (MD5 support will be dropped end of Apr 2018)
  • report unique app specific UUID to server within peer info (variable IV_HWADDR)
  • added support for ECDSA ciphersuites (for EC certificates)
  • fixed VPN status after closing and re-opening App with tunnel activated (VPN IPs, last event, etc.)
  • fixed profiles loading from iCloud with Files app (due to an iOS bug, only 1 file can be loaded at once)
  • improved .ovpn12 file import

Changes between 1.2.6 and 1.2.7:

  • fixed WiFi detection while connected via LTE
  • fixed tunnel reconfiguration after reconnection with seamless tunnel ON
  • added message about new .ovpn12 extension in cert list (when empty)
  • fixed issue with DNS upon reconnection in split tunnel setups
  • fixed tunnel disconnection when closing App from background app list
  • fixed spurious connection crash when connecting using TCP
  • fixed several connection instabilities
  • fixed routing towards VPN IPs other than the VPN server
  • fixed usage of PROXY_AUTO_CONFIG_URL and PROXY_BYPASS setting
  • fixed DNS settings when server directive comes as last one

Changes between 1.2.5 and 1.2.6

  • fixed reconnection with external certificate or password when device is still locked
  • fixed blank-screen issue on iPods
  • fixed reconnection after sleep or connectivity loss
  • fixed seamless tunnel handling
  • fixed tls-auth setup. missing key-direction in new profiles is again interpreted as “bidirectional" mode
  • fixed DNS server assignment on split tunnel configurations
  • fixed IPv6 DNS server assignment on split tunnel configurations
  • fixed search domain assignment on split tunnel configurations
  • fixed profile renaming
  • fixed PROXY settings assignment
  • fixed permanent disconnection due to TRANSPORT_ERROR when uplink is unavailable

Changes between 1.1.1 and 1.2.5

  • converted VPN backend to new Apple Network Extensions framework
  • implemented private keychain for storing certificates and passwords. PKCS#12 bundles imported via Safari or Mail must now end with ‘.ovpn12’
  • implemented support for “tls-crypt" config option. If the OpenVPN server you are connecting to has enabled this option, it will provider a safer method to exchange certificates during the initial TLS handshake
  • improved log verbosity
  • added preference switch to disable MD5 in TLS
  • updated mbedTLS to 2.6.0 (MD5 support will be dropped on Apr, 31st 2018)
  • updated ovpn3 backend

Share