headers
Samuli Seppänen | 22 Dec 15:22
Favicon

OpenVPN 2.2.2 released

The OpenVPN community project team is proud to release OpenVPN 2.2.2. It
can be downloaded from here:

<http://openvpn.net/index.php/open-source/downloads.html>

Changes include:

- Pkcs11 support built into the Windows version
- Fixed a bug in the Windows TAP-driver

Full list of changes is attached to this email and is also available here:

<http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html>

For generic help use these support channels:

- Official documentation:
<http://openvpn.net/index.php/open-source/documentation/howto.html>
- Wiki: <https://community.openvpn.net>
- Forums: <https://forums.openvpn.net>
- User mailing list: <http://sourceforge.net/mail/?group_id=48978>
- User IRC channel: #openvpn at irc.freenode.net

Please report bugs and ask development questions here:

- Bug tracker and Wiki: <https://community.openvpn.net>
- Developer mailing list: <http://sourceforge.net/mail/?group_id=48978>
- Developer IRC channel: #openvpn-devel at irc.freenode.net

Note that we've recently switched to using a different Git repository:
(Continue reading)

Permalink | Reply | 0 comments |
headers
Samuli Seppänen | 6 Jul 17:55
Favicon

OpenVPN 2.2.1 released

The OpenVPN community project team is proud to release OpenVPN 2.2.1. It
can be downloaded from here:

<http://openvpn.net/index.php/open-source/downloads.html>

Changes include:

- Fixed several build issues
- Updated easy-rsa for OpenSSL 1.0.0 (fixes Trac ticket #125)
- Man-page improvements

A more comprehensive list of changes is available here:

<http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html>

For generic help use these support channels:

- Official documentation:
<http://openvpn.net/index.php/open-source/documentation/howto.html>
- Wiki: <https://community.openvpn.net>
- Forums: <https://forums.openvpn.net>
- User mailing list: <http://sourceforge.net/mail/?group_id=48978>
- User IRC channel: #openvpn at irc.freenode.net

Please report bugs and ask development questions here:

- Bug tracker and Wiki: <https://community.openvpn.net>
- Developer mailing list: <http://sourceforge.net/mail/?group_id=48978>
- Developer IRC channel: #openvpn-devel at irc.freenode.net
(Continue reading)

Permalink | Reply | 0 comments |
headers
Samuli Seppänen | 27 Apr 20:48
Favicon

OpenVPN 2.2.0 released

The OpenVPN community project team is proud to release OpenVPN 2.2.0. It
can be downloaded from here:

<http://openvpn.net/index.php/open-source/downloads.html>

Changes include:

- Several man-page updates
- Several buildsystem fixes
- Fixed a bug with GUI icon deletion on upgrade from 2.2-RC or earlier
- Change the default --tmp-dir path to a more suitable path
- Improve the mysprintf() issue in openvpnserv.c
- Fixed bug in port-share that could cause port share process to crash
- Fix the --client-cert-not-required feature

A more comprehensive list of changes is available here:

<http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html>

For generic help use these support channels:

- Official documentation:
<http://openvpn.net/index.php/open-source/documentation/howto.html>
- Wiki: <https://community.openvpn.net>
- Forums: <https://forums.openvpn.net>
- User mailing list: <http://sourceforge.net/mail/?group_id=48978>
- User IRC channel: #openvpn at irc.freenode.net

Please report bugs and ask development questions here:
(Continue reading)

Permalink | Reply | 0 comments |
headers
Samuli Seppänen | 25 Mar 21:23
Favicon

OpenVPN 2.2-RC2 released

The OpenVPN community project team is proud to release OpenVPN 2.2-RC2.
It can be downloaded from here:

<http://openvpn.net/index.php/open-source/downloads.html>

Changes include:

* Turn off ENABLE_CLIENT_ONLY build setting that disabled all server
functionality (turned on in 2.2-RC by mistake)
* Implement IPv6 in TUN mode for Windows TAP driver
* Several buildsystem fixes and enhancements
* Several man-page fixes

A more comprehensive list of changes is available here:

<http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html>

If you find a bug in this release, please file a bug report to our Trac
bug tracker:

<https://community.openvpn.net>

In uncertain cases please contact our developers first, either using the
openvpn-devel mailinglist (http://sourceforge.net/mail/?group_id=48978)
or the developer IRC channel (#openvpn-devel at irc.freenode.net).

NOTE: In production environments you should use the latest stable
release, not this release candidate build.

--

--
(Continue reading)

Permalink | Reply | 0 comments |
headers
Samuli Seppänen | 4 Mar 20:26
Favicon

OpenVPN 2.2-RC released

The OpenVPN community project team is proud to release OpenVPN 2.2-RC.
It can be downloaded from here:

 * http://openvpn.net/index.php/open-source/downloads.html

Changes include:

    * Windows installer built and packaged with the new Python-based
buildsystem that utilizes the Visual Studio 2008 toolchain
    * Lots of enhancements and fixes to the Python-based Windows
buildsystem (see Changelog for details)
    * Make the --x509-username-field feature an opt-in feature

A more comprehensive list of changes is available here:

 *
http://openvpn.net/index.php/open-source/documentation/change-log/425-changelog-for-openvpn-22.html

If you find a bug in this release, please file a bug report to our Trac
bug tracker. In uncertain cases please contact our developers first,
either using the openvpn-devel mailinglist or the developer IRC channel
(#openvpn-devel at irc.freenode.net).

NOTE: In production environments you should use the latest stable
release, not this release candidate build.

--

-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc
(Continue reading)

Permalink | Reply | 0 comments |
headers
Samuli Seppänen | 3 Dec 22:16
Favicon

OpenVPN 2.2-beta5 released

The OpenVPN community project team is proud to release OpenVPN
2.2-beta5. It can be downloaded from here:

<http://openvpn.net/index.php/open-source/downloads.html>

Changes since last beta release (2.2-beta3) include:

- Adding support for SOCKS plain text authentication
- Add HTTP/1.1 Host header
- TAP support on Solaris
- "topology subnet" made to work on Solaris
- Lots of bugfixes, see changelog for details

If you find a bug in this release, please file a bug report to our Trac
bug tracker at

<https://community.openvpn.net>

In uncertain cases please contact our developers first, either using the
openvpn-devel mailinglist
<https://lists.sourceforge.net/mailman/listinfo/openvpn-devel>or the
developer IRC channel (#openvpn-devel <at> irc.freenode.net).

--

-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock
(Continue reading)

Permalink | Reply | 0 comments |
headers
Samuli Seppänen | 9 Nov 20:04
Favicon

OpenVPN 2.1.4 released

Hi all,

OpenVPN 2.1.4 is now released. This is a bugfix release and fixes a
problem with special case route targets ('remote_host'), which could
cause filling of the routing table with random garbage. Thanks to Teodo
MICU and Gert Doering for finding and fixing this issue. There are no
other significant changes to the previous 2.1.x release. As usual, these
latest OpenVPN packages can be downloaded from here:

<http://openvpn.net/index.php/open-source/downloads.html>

Note that Debian Lenny (i386/amd64) and Ubuntu 10.04 (i386/amd64)
packages are also available.

--

-- 
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock

------------------------------------------------------------------------------
The Next 800 Companies to Lead America's Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev
Permalink | Reply | 0 comments |
headers
James Yonan | 16 Aug 00:27

OpenVPN version 2.1.2 released

2010.08.09 -- Version 2.1.2

* Windows security issue:
   Fixed potential local privilege escalation vulnerability in
   Windows service. The Windows service did not properly quote the
   executable filename passed to CreateService.  A local attacker
   with write access to the root directory C:\ could create an
   executable that would be run with the same privilege level as
   the OpenVPN Windows service.  However, since non-Administrative
   users normally lack write permission on C:\, this vulnerability
   is generally not exploitable except on older versions of Windows
   (such as Win2K) where the default permissions on C:\ would allow
   any user to create files there.
   Credit:  Scott Laurie, MWR InfoSecurity

* Added Python-based based alternative build system for Windows using
   Visual Studio 2008 (in win directory).

* When aborting in a non-graceful way, try to execute do_close_tun in
   init.c prior to daemon exit to ensure that the tun/tap interface is
   closed and any added routes are deleted.

* Fixed an issue where AUTH_FAILED was not being properly delivered
   to the client when a bad password is given for mid-session reauth,
   causing the connection to fail without an error indication.

* Don't advance to the next connection profile on AUTH_FAILED errors.

* Fixed an issue in the Management Interface that could cause
   a process hang with 100% CPU utilization in --management-client
(Continue reading)

Permalink | Reply | 0 comments |
headers
James Yonan | 11 Dec 10:17

OpenVPN 2.1.0 released

I'm happy to announce the release of OpenVPN 2.1.0.  This release is 
basically 2.1_rc22 + some last-minute trivial fixes to documentation and 
plugin sample code.  Enjoy!

James

------------------------------------------------------------------------------
Return on Information:
Google Enterprise Search pays you back
Get the facts.
http://p.sf.net/sfu/google-dev2dev
Permalink | Reply | 0 comments |
headers
James Yonan | 12 Nov 11:04

OpenVPN 2.1_rc21 released

This release is to respond to the OpenSSL vulnerability CVE-2009-3555.

Some people have worried that the fix made to OpenSSL to address this
vulnerability (ban all SSL/TLS renegotiations) would break OpenVPN's
session renegotiation capability.  This is not the case.  OpenVPN does 
not rely on the session renegotiation capability that is built into 
SSL/TLS, and therefore if OpenVPN is linked against an OpenSSL library 
that disables SSL/TLS renegotiation, there should be no loss of 
functionality.

Changes:

2009.11.12 -- Version 2.1_rc21

* Rebuilt OpenVPN Windows installer with OpenSSL 0.9.8l to address
   CVE-2009-3555.  Note that OpenVPN has never relied on the session
   renegotiation capabilities that are built into the SSL/TLS protocol,
   therefore the fix in OpenSSL 0.9.8l (disable SSL/TLS renegotiation
   completely) will not adversely affect OpenVPN mid-session SSL/TLS
   renegotation or any other OpenVPN capabilities.

* Added additional session renegotiation hardening.  OpenVPN has always
   required that mid-session renegotiations build up a new SSL/TLS
   session from scratch.  While the client certificate common name is
   already locked against changes in mid-session TLS renegotiations, we
   now extend this locking to the auth-user-pass username as well as all
   certificate content in the full client certificate chain.

James
(Continue reading)

Permalink | Reply | 0 comments |
headers
James Yonan | 16 May 07:54

ANNOUNCEMENT: OpenVPN Access Server beta available

As the founder of the OpenVPN project, I'm proud to announce the first 
beta release of our new product, the OpenVPN Access Server.

With this product, we've taken years of feedback from the OpenVPN 
community and condensed it into a lightweight but powerful management 
application that we believe will dramatically simplify the effort 
required to configure and manage OpenVPN, while still enabling its most 
powerful features.

It's been an interesting voyage for me, having started this project 7 
years ago.  At that time, "easy-to-use VPN" had a very different meaning 
that it does today.  "easy-to-use" meant that you could get it running 
without having to recompile your kernel :)

Over the years of developing and supporting OpenVPN, I've realized that 
getting VPNs to work right is hard -- sometimes even harder than writing 
the actual VPN code.

I think the complexity arises from the fact that VPN administration 
combines 3 different areas of expertise -- (1) Public Key Infrastructure 
(PKI) and certificate management, (2) IP Networking, including routing 
and firewall management, and (3) authentication models such as LDAP and 
RADIUS.

To me, there was always a dilemma of sorts in how to address this 
complexity.  Should OpenVPN stay true to the open source ideal of narrow 
focus and simplicity, where each tool should try to do a single job 
well, or should OpenVPN take the integrated approach and try to tackle 
all the issues that make VPNs complex, such as authentication, 
routing/firewall management, certificate management, etc?  The narrow
(Continue reading)

Permalink | Reply | 0 comments |

Gmane