OpenConnect 5.02 release

David Woodhouse dwmw2 at infradead.org
Wed Jan 1 18:59:15 EST 2014 

The biggest thing here is a "fix" for the XML POST issues with
authgroups. It's not really a fix; it just falls back to the old method
automatically when there's a choice, since we know it doesn't get that
right. A new release will come shortly with proper fixes for that, but
it'll require a change to the library ABI so this is probably a better
solution for distributions which are currently having issues with 5.01.

There's also a fix for a potential memory corruption which could be
triggered by a malicious server.

Thanks to Kevin Cernekee for doing much of the work for this release
(and the next one).

ftp://ftp.infradead.org/pub/openconnect/openconnect-5.02.tar.gz
ftp://ftp.infradead.org/pub/openconnect/openconnect-5.02.tar.gz.asc

David Woodhouse (14):
      Import translations from GNOME
      Include string.h where needed
      Fix outdated autohate files in release tarballs
      Set SO_SNDBUF on DTLS socket and handle -EAGAIN on it
      Simplify handling of supporting_certs
      Keep free_supporting_certs array to remember which to free
      Simplify extra_certs handling w.r.t. assign_privkey()
      Include supporting certificates from PKCS#11 tokens
      Make openconnect_set_hostname() clear vpninfo->peer_addr, use it more often
      Fix const warnings in stoken code with NLS disabled
      Import translations from GNOME
      Update changelog
      Change Transifex hostname
      Tag version 5.02

Kevin Cernekee (17):
      library: Remove declaration for nonexistent openconnect_get_vpn_name()
      auth: Remove bogus comment in parse_form()
      android: Update Makefile to use NDK r9b
      android: Add .gitignore file
      android: Honor $TMPDIR when writing CSD script
      android: Bump gmp up to version 5.1.2
      main: Move username/password/authgroup vars into main.c
      auth: Add <group-access> node to XML POST initial request
      http: Fix NULL vpninfo->hostname pointer on redirect
      auth: Save a pointer to the group_list dropdown option if it exists
      auth: Temporarily disable XML POST if an authgroup dropdown exists

-- 
dwmw2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20140101/a9b7ccce/attachment.bin>

More information about the openconnect-devel mailing list