- 2.5.3 had a typo in the CVE ID (CVE-2121-3606 should be -2021-) - 2.5.5 had windows paths with backslashes, which need to be doubled
(CVE ID typo also reported by "@attritionorg" in Github PR 165) v2: SSL -> ssl, and .cfg -> .cnf Signed-off-by: Gert Doering <[email protected]> --- Changes.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Changes.rst b/Changes.rst index b6f98d51..4e4f2018 100644 --- a/Changes.rst +++ b/Changes.rst @@ -18,8 +18,8 @@ New features - Windows build: use CFG and Spectre mitigations on MSVC builds - bring back OpenSSL config loading to Windows builds. - OpenSSL config is loaded from %installdir%\SSL\openssl.cfg - (typically: c:\program files\openvpn\SSL\openssl.cfg) if it exists. + OpenSSL config is loaded from %installdir%\\ssl\\openssl.cnf + (typically: c:\\program files\\openvpn\\ssl\\openssl.cnf) if it exists. This is important for some hardware tokens which need special OpenSSL config for correct operation. Trac #1296 @@ -102,7 +102,7 @@ Overview of changes in 2.5.3 ============================ Bugfixes -------- -- CVE-2121-3606 +- CVE-2021-3606 see https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements OpenVPN windows builds could possibly load OpenSSL Config files from -- 2.26.3 _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
