Menu
▾
▴
[Openvpn-announce] OpenVPN 2.7_rc5 released
|
From: Yuriy D. <yur...@op...> - 2026-01-15 20:27:46
|
The OpenVPN community project team is proud to release OpenVPN 2.7_rc5. This is the fifth release candidate for the feature release 2.7.0. Security fixes: * CVE-2025-15497: in epoch key handling (an authenticated remote system can send a valid OpenVPN data packet that triggers an edge case where a too-strict check would trigger an ASSERT(), exiting OpenVPN) Important bug fixes since 2.7_rc4: * remove "resolve --remote on incoming TCP connects on --tcp-server" code base, because that did not work in a long time (since 2.4) and is seen as too obscure and too complicated to rescue. * repair interaction between DCO and persist-tun after reconnection (in this case the client side would fail to set up the DCO event handler, and not notice further --ping timeouts - GH: #947) * remove ENABLE_X509ALTUSERNAME conditional, always enabling "configure --enable-x509-alt-username". Effectively no change in code size, and one less build variant to maintain and test (GH: OpenVPN/openvpn#917). * require "script-security 2" when using `--dev unix:<program>` * socks client: fix and improve various code parts * configure etc: drop support for systemd 216 and older, adapt other checks to reflect modern systemd setups * fix unit test building with libcmocka 2.0+ * fix Android build warnings about unused variables/methods * allow --test-crypto to run without --secret (prepare for removal of --secret after 2.7) * improve WolfSSL build compatibility More details can be found in the Changes document: <https://github.com/OpenVPN/openvpn/blob/master/Changes.rst> Source code and Windows installers can be downloaded from our download page: <https://openvpn.net/community-downloads/> Packages for Debian, Ubuntu, Fedora, RHEL, and openSUSE are available in the various official Community repositories: <https://community.openvpn.net/Pages/OpenVPN%20software%20repos> Kind regards, Yuriy Darnobyt |
