Latest version seems to be buggy and messing with the TAP adapter (from the feedbacks I got.) Need to check that.
OpenVPN v2.4.8 Released (October 31, 2019) Download Github Spoiler: New Features / Changes / Bug fixes v2.4.8 https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst New features Support compiling with OpenSSL 1.1 without deprecated APIs handle PSS padding in cryptoapicert (necessary for TLS >= 1.2) User visible changes do not abort when hitting the combination of "--pull-filter" and "--mode server" (this got hit when starting OpenVPN servers using the windows GUI which installs a pull-filter to force ip-win32) increase listen() backlog queue to 32 (improve response behaviour on openvpn servers using TCP that get portscanned) fix and enhance documentation (INSTALL, man page, ...) Bug fixes the combination "IPv6 and proto UDP and SOCKS proxy" did not work - as a workaround, force IPv4 in this case until a full implementation for IPv6-UDP-SOCKS can be made. fix IPv6 routes on tap interfaces on OpenSolaris/OpenIndiana fix building with LibreSSL do not set pkcs11-helper 'safe fork mode' (should fix PIN querying in systemd environments) repair windows builds repair Darwin builds (remove -no-cpp-precomp flag)
OpenVPN v2.4.9 Released (April 17, 2020) Download Github Spoiler: New Features / Changes / Bug fixes v2.4.9 https://github.com/OpenVPN/openvpn/blob/release/2.4/Changes.rst New features Allow unicode search string in --cryptoapicert option (Windows)) User visible changes Skip expired certificates in Windows certificate store (Windows) (trac #966) OpenSSL: Fix --crl-verify not loading multiple CRLs in one file (trac #623) When using "--auth-user-pass file" with just a username and no password in the file, OpenVPN now queries the management interface (if active) for the credentials. Previously it would query the console for the password, and fail if no console available (normal case on Windows) (trac #757) Swap the order of checks for validating interactive service user (Windows: check config location before querying domain controller for group membership, which can be slow) Bug fixes fix condition where a client's session could "float" to a new IP address that is not authorized ("fix illegal client float"). This can be used to disrupt service to a freshly connected client (no session keys negotiated yet). It can not be used to inject or steal VPN traffic. CVE-2020-11810, trac #1272). fix combination of async push (deferred auth) and NCP (trac #1259) Fix OpenSSL 1.1.1 not using auto elliptic curve selection (trac #1228) Fix OpenSSL error stack handling of tls_ctx_add_extra_certs mbedTLS: Make sure TLS session survives move (trac #880) Fix OpenSSL private key passphrase notices Fix building with --enable-async-push in FreeBSD (trac #1256) Fix broken fragmentation logic when using NCP (trac #1140)
OpenVPN v2.5 beta1 Released (August 14, 2020) Download Github Spoiler: Change sv2.5 beta This is a new major release (14th August 2020) with a large number of new features including, but not limited to Client-specific tls-crypt keys (–tls-crypt-v2) Netlink support Wintun support Linux VRF support TLS 1.3 support HMAC based auth-token support VLAN support MSI installer support (Windows) The full list is available in Changes.rst.
OpenVPN v2.5 beta3 Released (August 31, 2020) Download Github Spoiler: Changes v2.5 beta OpenVPN v2.5_beta3 release 2020.08.31 -- Version 2.5_beta3 [...] OpenVPN v2.5_beta2 release 2020.08.26 -- Version 2.5_beta2 [...] OpenVPN v2.5_beta1 2020.08.12 -- Version 2.5_beta1 [...]
