openvpn

v2.7.4 Breaking

This release includes 1 breaking change for platform teams planning a safe upgrade.

Published 1mo VPN & Tunnels

✓ No known CVEs patched

✓ No known CVEs patched in this version

Topics

security vpn

Summary

AI summary

Removed ineffective --enable-strict and --enable-strict-options configure flags.

Full changelog

using --dns server ... style configs on Windows with win-dco would
lead to erroneously enabling "DnsSecValidationRequired : True", possibly
breaking VPN DNS resolution. Pushing --dns server ... dnssec no
can be used as a workaround until clients can be updated.
(Github: openvpn#1024)
correct comments in the --dns-up-down platform scripts relating to
dns_server_..._dnssec values.
fix release-only build of pkcs11-helper vcpkg port, do not try to
install files from debug build.
mbedTLS builds will now provide a proper error message if a
tls-group statement with no valid groups is encountered
(used to run into SSL handshake failure later on).
--enable-strict and --enable-strict-options configure flags have
been removed (because they did not actually do anything anymore)

For details see Changes.rst

Windows Client: Community MSI installer for Windows client can be found at Community Downloads.

Linux Packages: Instructions for installing community-maintained Linux packages can be found in the Community Wiki.

Full Changelog: https://github.com/OpenVPN/openvpn/compare/v2.7.3...v2.7.4

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Track openvpn

Get notified when new releases ship.

About openvpn

OpenVPN is an open source VPN daemon