OpenVPN Connect for Windows change log

Release notes for 3.3.1 (2222)

Release date: 23 June 2021

  • Resolved a security issue related to OpenSSL configuration (CVE-2021-3613) reported by Xavier Danest

Release notes for 3.3.0 (2171)

Release date: 3 June 2021

  • Updated OpenVPN 3 library to 3.6.2 version.
  • Added captive portal detection: OpenVPN Connect notifies the user when a device is connected to a network with a captive portal enabled. This functionality is enabled by default and can be managed on the Settings screen in the app.
  • Added network loss detection: the VPN connection goes to a “pause” state when a network connection is lost, and automatically resumes the VPN session when the network is up.
  • Added command line interface. Refer to Command Line functionality for OpenVPN Connect.
  • Changes to software update functionality:
    • Added the ability to change the setting of the frequency of software update checks.
    • Added update checks frequency management by the admin using the directive to the profile: 0 is never; 1 is every day; 7 is once a week; and 30 is monthly. When a profile with this directive is bundled into the app, the app setting changes automatically. CONNECTV3_PREFERENCE_UPDATE_FREQUENCY=<0|1|7|30>
    • When a new version of the application is available, it becomes visible in the main menu of the app.
    • Added release notes to notification of application updates.
  • Added support for PKCS11 hardware tokens. Refer to Support of #PKCS11 physical tokens for OpenVPN Connect.
  • Replaced reconnect on reboot setting with launch options. A user can choose multiple options: startup application after OS reboot, connect with the latest connected profile, or connect only if a connection was active during the reboot (previously, behavior of “Reconnect on Reboot” setting).
  • Added external certificates on Windows 7: OpenVPN Connect supports importing and assigning an external PKCS12 identity to a profile for connection in Windows 7.
  • Added an Advanced Settings section. Settings that can break connectivity are hidden in the Advanced Settings section on the Settings screen.
  • Added colorful tray icons. The OpenVPN Connect tray icon with a color indication of connection state can be enabled on the Settings screen (default behavior on Windows 7 and Windows 8).
  • Removed the "force AES-CBC cipher" legacy compatibility option.
  • Various bug fixes and UX improvements.

Release date: 25 February 2021

  • Added support for deep linking and web authentication using system web browser

Release date: 30 October 2020

  • Minor changes for Web Auth flow
  • Added reporting UV_APP_VER values to the VPN server
  • Implemented a new way of profile bundling (distribution of MSI and profile as separate files)
  • Fixed an issue where an OpenVPN server could not be reached if it was not reachable through the default gateway
  • Fixed an issue where a large amount of routes pushed to the VPN client would cause the client to fail
  • Fixed issues with the display of the application version

Release date: 26 August, 2020

  • Added reporting UV_ASCLI_VER and UV_PLAT_REL values to the VPN server.
  • Fixed not prompting user for certificate approval under certain conditions.
  • Updated Wintun driver to v0.8.1 that contains a patch for a driver update issue.
  • Added installer routine that ensures presence of a particular Windows hotfix on Windows 7 machines (KB2921916).

Release date: 13 July, 2020

  • This is now a stable release and no longer considered beta software.
  • As part of the transition from Mbed TLS to OpenSSL the list of negotiable TLS cipher suites no longer includes weak cipher suites that lack forward secrecy support (DH/ECDH)
  • Switchover from Mbed TLS library to OpenSSL library
  • Support of TLS 1.3 version
  • Support signing with RSA-PSS signatures during TLS handshake
  • Update of OpenVPN3 library to OpenVPN core 3.5.6 version
  • Optional WinTun driver is available during installation
  • Implemented possibility to run VPN connection as system service
  • Improved stability and performance

  • Updated MbedTLS to 2.7.13 to resolve a security issue (CVE-2019-18222)

  • Fixed a failure of installation process on some operating systems with non-English localization

  • Implemented a fix for a security issue related to the location of installation files (CVE-2020-9442)

  • New profile import flow with WebAuth support
  • Added EULA license during installation
  • Added .ovpn file association
  • Added possibility to connect without external certificate when the client certificate is not required
  • Fixed connection with DUO authentication service
  • Fixed connection via server-locked profile with 2FA
  • Fixed proxy basic authentication
  • Fixed issue with long client-side scripts
  • Fixed issue with unquoted path privilege escalation reported by Yogesh Prasad (CVE-2014-5455)

  • New unified UI with 2 color scheme options
  • Dropped support of MD5 algorithm
  • Disabled tunnel compression by default (could be enabled back in the app settings)
  • Ability to add proxies for connection from within the app
  • Ability to manage external certificates directly from within the app (except in Windows 7 for the moment)
  • Separate screen with extended statistics of connection session
  • Log File with options to pause/resume, clear and save logs for sharing
  • Plenty of other settings like reconnect on reboot, seamless tunnel, IP/TLS versions etc.
  • Ability to create connect and disconnect shortcuts.