Software-update: OpenVPN 2.6.12

OpenVPN is een robuuste en gemakkelijk in te stellen opensource-vpn-daemon waarmee verschillende private netwerken aan elkaar geknoopt kunnen worden via een versleutelde tunnel over internet. Voor de beveiliging wordt gebruikgemaakt van de OpenSSL-library, waarmee alle encryptie, authenticatie en certificatie kunnen worden afgehandeld. De ontwikkelaars hebben versie 2.6.12 uitgebracht en de changelog voor die uitgave kan hieronder worden gevonden.

Bug fixes

The fix for CVE-2024-5594 (refuse control channel messages with nonprintable characters) was too strict, breaking user configurations with AUTH_FAIL messages having trailing CR/NL characters. This often happens if the AUTH_FAIL reason is set by a script. Strip those before testing the command buffer (Github: #568). Also, add unit test.Http-proxy: fix bug preventing proxy credentials caching (Trac: #1187)

The fix for CVE-2024-5594 (refuse control channel messages with nonprintable characters) was too strict, breaking user configurations with AUTH_FAIL messages having trailing CR/NL characters. This often happens if the AUTH_FAIL reason is set by a script. Strip those before testing the command buffer (Github: #568). Also, add unit test.

Http-proxy: fix bug preventing proxy credentials caching (Trac: #1187)

Code maintenance

Try to detect LZO installation with pkg-config (= on many systems manually setting LZO_CFLAGS/LZO_LIBS should no longer be necessary)

Try to detect LZO installation with pkg-config (= on many systems manually setting LZO_CFLAGS/LZO_LIBS should no longer be necessary)

Source: Tweakers.net