- Update from version 2.6.17 to 2.6.19
- No change to rootfile
- Changelog
2.6.19
Bugfixes
make dist would fail to pack unit_tests/openvpn/test_common.h, breaking
make check
on the tarball if cmocka is installed. Fix.
2.6.18
New features / User visible changes
disable DCO if --bind-dev option is given (no support for this in the old
out-of-kernel Linux DCO implementation)
on Windows, if using --ip-win32 netsh and not using the interactive
service, IPv4
addresses would be installed as "permanent", possibly causing problems
later on
with using that IPv4 address on a different interface. Change to
"store=active".
(GH: #915)
Code maintenance / Compat changes
backport fixes needed to build unit tests with cmocka 2.0.0 and -Werror
(some parts
of the old API have been deprecated and would raise warnings)
backport "ensure that all unit tests use unbuffered stdout+stderr" change,
otherwise we get no output at all if a unit test crashes
add explicit error message for failing read in multi_process_file_closed()
(reported by SRL)
test framework: permit overriding the openvpn binary called
configure.ac: remove use of PKCS11_HELPER_LIBS in mbedTLS checks (old code,
purpose
unclear, effects non-useful)
configure.ac: try to use pkg-config to detect mbedTLS
Documentation updates
improve pull-filter documentation, emphasizing possible problems if used as
a naive
security measure (reported by SRLabs).
Bugfixes
p2mp server: fix incorrect file descriptor handling on "inotify" FD during a
SIGUSR1 restart (GH: #966)
management interface: fix bug where --management-forget-disconnect and
--management-signal could be executed even if password authentication to
managment interface was still pending (Zeropath finding)
repair client-side interaction on reconnect between DCO event handling and
--persist-tun - after a ping timeout and reconnect, the DCO event
handler would
not be armed, and the next ping timeout would not be received by
userland,
causing non-working connections with nothing in the openvpn log (Linux
and
FreeBSD only, GH: #947)
prevent crash on invalid server-ipv6 argument, calling freeaddrinfo() with
a NULL
pointer. This only affects OpenBSD. (Klemens Nanni).
Signed-off-by: Adolf Belka <[email protected]>
---
lfs/openvpn | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/openvpn b/lfs/openvpn
index 25e186f12..10f1f54c4 100644
--- a/lfs/openvpn
+++ b/lfs/openvpn
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2025 IPFire Team <[email protected]> #
+# Copyright (C) 2007-2026 IPFire Team <[email protected]> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 2.6.17
+VER = 2.6.19
THISAPP = openvpn-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 =
a5cff9bf4de85b647bd0cef808586b2cd29694ad0134ae6e4b3f74251c2ce0908cf86cbc041768f7fbc495e3ad5c5dbb9c491fe351b99da330dd2390142b353e
+$(DL_FILE)_BLAKE2 =
4eabecd3be43c7a45dbf2fb92236f568d5273978b18d5068200277771a5f6cad5fd3cc138232812c7f2e3c9a7812e73ca63c362ec942f361401c0712dc7d8498
install : $(TARGET)
--
2.53.0
