The OpenVPN community project team is proud to release OpenVPN 2.6.12. This is a bugfix release.
Bug fixes:
  • the fix for CVE-2024-5594 (refuse control channel messages with nonprintable characters) was too strict, breaking user configurations with AUTH_FAIL messages having trailing CR/NL characters. This often happens if the AUTH_FAIL reason is set by a script. Strip those before testing the command buffer (github #568). Also, add unit test.
  • Http-proxy: fix bug preventing proxy credentials caching (trac #1187)​

Windows MSI changes since 2.6.11:
  • Built against OpenSSL 3.3.1
  • Included openvpn-gui updated to 11.50.0.0
    • Update Italian language (github #696)
DownloadsUseful resources