SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for openfortivpn-1.20.1-1.1.x86_64.rpm :

* Mon Feb 27 2023 Martin Hauke - Update to versoin 1.20.1
* Bugfix release.- Update to versoin 1.20.0
* Discard invalid empty HDLC frame at end of buffer.
* Prepend \"SVPNCOOKIE=\" to the given cookie if missing.
* Wed Oct 12 2022 Martin Hauke - Update to version 1.19.0
* fix \"Peer refused to agree to our IP address\" message
* avoid setting duplicate routes
* remove obsolete code that reads non-XML config from FortiOS
* improve warning message when reading options from config file- Update to version 1.18.0
* add new options to delegate the authentication to external programs
* minor fixes in documentation
* Sat May 07 2022 Martin Hauke - Update to version 1.17.3
* fix regression: spurious warning message after reading config
* Thu Mar 31 2022 Martin Hauke - Update to version 1.17.2
* fix memory leak when reading user input
* improve calls to getsockopt() and associated debug output
* allow reading config from process substitution
* work around CodeQL false positives, improving code at the same time
* change type of systemd.service from simple to notify
* Wed Oct 13 2021 Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_openfortivpnAATT.service.patch
* Thu Sep 09 2021 Martin Hauke - Updat eto version 1.17.1
* fix regression: enable OpenSSL engines by default
* fix typos found by codespell
* fix LGTM alerts
* Fri Jul 16 2021 Martin Hauke - Update to version 1.17.0
* make OpenSSL engines optional
* document and favor --pinentry over plain text password in configuration file
* fix buffer overflow and other errors in URI espcaping for - -pinentry
* use different --pinentry hints for different hosts, usernames and realms
* fix memory management errors related to --user-agent option
* Sun Feb 14 2021 Martin Hauke - Update to version 1.16.0
* support for user key pass phrase
* add a space at the end of the OTP prompt
* modify memory allocation in the tunnel configuration structure
* openfortivpn returns the PPP exit status
* print SSL socket options in log
* Wed Sep 09 2020 Martin Hauke - Update to version 1.15.0
* fix issue sending pin codes
* add command line option to bind to specific interface
* use different hints for OTP and 2FA
* remove password from /proc/#/cmd
* extend OTP to allow FTM push
* add preliminary support for host checks
* don\'t accept route to the vpn gateway
* fix byte counter in pppd_write
* Sat May 23 2020 Martin Hauke - Update to version 1.14.1
* fix out of bounds array access
* Tue May 12 2020 Martin Hauke - Update to version 1.14.0
* add git commit id in debug output
* do not use interface ip for routing on linux
* avoid extra hop on interface for default route
* clean up, updates and improvments in the build system
* increase the inbound HTTP buffer capacity when needed
* print domain search list to output
* add systemd service file
* add systemd notification when stopping
* allow logging with both smartcard and username
* fix GCC 9 and clang warnings
* bump default minimal TLS version from TLSv1.0 to TLSv1.2
* fix a couple coverity warnings- Package systemd service file
* Wed Apr 01 2020 Martin Hauke - Update to version 1.13.3
* fix a coverity warning
* cross-compile: do not check resolvconf on the host system
* Wed Mar 25 2020 Martin Hauke - Update to version 1.13.2
* properly build on FreeBSD, even if ppp is not installed at configure time
* build in the absence of resolvconf
* Tue Mar 24 2020 Martin Hauke - Update to versin 1.13.0
* avoid unsupported versions of resolvconf
* add configure and command line option for resolvconf
* increase BUFSIZ
* reinitialize static variables with the --persistent option
* fix a memory leak in ipv4_add_nameservers_to_resolv_conf
* Thu Feb 27 2020 Martin Hauke - Update to version 1.12.0
* fix CVE-2020-7043: TLS Certificate CommonName NULL Byte Vulnerability
* fix CVE-2020-7042: use of uninitialized memory in X509_check_host
* fix CVE-2020-7041: incorrect use of X509_check_host (regarding return value).
* always hide cleartest password in -vv output
* add a clear warning about sensitive information in the debug output
* add a hint in debug output when password is read from config file
* fix segfault when connecting with empty password
* use resolvconf if available to update resolv.conf file
* replace semicolon by space in dns-suffix string
  
ICM