OpenVPN 2.4.4 released (with security fixes)

Announcements from OpenVPN involving bugs, updates, and new features.
Post Reply
samuli
OpenVPN Technologies
Posts: 105
Joined: Fri Aug 13, 2010 9:05 pm

OpenVPN 2.4.4 released (with security fixes)

Post by samuli » Tue Sep 26, 2017 2:42 pm

The OpenVPN community project team is proud to release OpenVPN 2.4.4. It can be downloaded from here.

This release includes a large number of small fixes and enhancements. There is also an important security fix for legacy setups that may still be using key-method 1. As that option was deprecated 12 years ago we estimate that not many production setups are affected in practice.

In addition Windows installers have been built with NSIS version that has been patched against several NSIS installer code execution and privilege escalation problems. Based on our testing, though, older Windows versions such as Windows 7 might not benefit from these fixes. We thus strongly encourage you to always move NSIS installers to a non-user-writeable location before running them. Our long-term plan is to migrate to using MSI installers instead.

A summary of all changes is available in Changes.rst, and a full list of changes is available here.

Compared to OpenVPN 2.3 this is a major update with a large number of new features, improvements and fixes. Some of the major features are AEAD (GCM) cipher and Elliptic Curve DH key exchange support, improved IPv4/IPv6 dual stack support and more seamless connection migration when client's IP address changes (Peer-ID). Also, the new --tls-crypt feature can be used to increase users' connection privacy.

OpenVPN GUI bundled with the Windows installer has a large number of new features compared to the one bundled with OpenVPN 2.3. One of major features is the ability to run OpenVPN GUI without administrator privileges. For full details, see the changelog. The new OpenVPN GUI features are documented here.

Please note that OpenVPN 2.4 installers will not work on Windows XP.

For generic help use these support channels:
Please report bugs and ask development questions here:
EDIT: made the topic an announcement for 14 days
--
Samuli Seppänen
Community Manager
OpenVPN Technologies, Inc

irc freenode net: mattock

Post Reply