OpenVPN 3 Linux v24.1 (Bugfix/security release)
The v24.1 release is a small security and bugfix release.
* Security: CVE-2025-3908 - openvpn3-admin init-config follow symlink issue
Wolfgang Frisch from the SUSE security team reached out and notified us
of a potential issue with the openvpn3-admin init-config command following
symlinks when creating the directories it needs. This has been resolved:
the command no longer follows symlinks and instead insists that the user
running it set up these directories manually with the correct ownership
and privileges.
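The check behind the fix above, as an added example (this is illustrative code, not the OpenVPN 3 Linux project's own init-config implementation): every component of the target path is inspected with lstat semantics (std::filesystem::symlink_status) and the function refuses to proceed as soon as any symlink is found, so a directory is never created or accepted through a link an unprivileged user could have planted. A pre-existing real directory is additionally checked for ownership by the calling user. The helper names, the result enum and the scratch-directory scenario are assumptions made for this example; it assumes a POSIX system and a C++17 toolchain.

```cpp
// Added example, not project code: create or accept a state directory without
// ever crossing a symlink. Assumes POSIX and C++17 <filesystem>.
#include <cstdlib>
#include <filesystem>
#include <fstream>
#include <iostream>
#include <stdexcept>
#include <string>
#include <sys/stat.h>
#include <unistd.h>
#include <vector>

namespace fs = std::filesystem;

enum class DirResult { Created, Exists, RefusedSymlink, NotADirectory, WrongOwner, Error };

// Walk every component of 'dir' with symlink_status() (lstat semantics).
// A symlink anywhere on the path means we refuse; the caller must then set
// the directory up by hand with the right ownership and mode.
DirResult ensure_dir_nofollow(const fs::path& dir)
{
    fs::path cur;
    fs::file_status last;
    for (const auto& comp : dir) {
        cur /= comp;
        std::error_code ec;
        last = fs::symlink_status(cur, ec);
        if (fs::is_symlink(last)) {
            return DirResult::RefusedSymlink;
        }
        // A missing component is reported as not_found (ec may be set); that
        // is not an error here, it just means we are below the existing tree.
        if (last.type() == fs::file_type::not_found) {
            continue;
        }
        if (ec) {
            return DirResult::Error;
        }
        if (!fs::is_directory(last)) {
            return DirResult::NotADirectory;
        }
    }

    if (fs::exists(last)) {
        // Existing real directory: insist it belongs to the calling user,
        // otherwise a directory pre-created by someone else would be adopted.
        struct stat sb {};
        if (::lstat(dir.c_str(), &sb) != 0) return DirResult::Error;
        if (sb.st_uid != ::geteuid()) return DirResult::WrongOwner;
        return DirResult::Exists;
    }

    // All existing parents were verified symlink-free above. Note the
    // remaining check-then-create window; refusing to create anything at all
    // (as the release does on a symlink) is the stricter choice.
    std::error_code ec;
    if (!fs::create_directories(dir, ec) || ec) return DirResult::Error;
    fs::permissions(dir, fs::perms::owner_all, fs::perm_options::replace, ec);
    return ec ? DirResult::Error : DirResult::Created;
}

// Scratch directory for the constructed scenario below.
fs::path make_scratch_dir()
{
    std::string tmpl = (fs::temp_directory_path() / "nofollow-demo-XXXXXX").string();
    std::vector<char> buf(tmpl.begin(), tmpl.end());
    buf.push_back('\0');
    if (::mkdtemp(buf.data()) == nullptr) throw std::runtime_error("mkdtemp failed");
    return fs::path(buf.data());
}

// Constructed scenario: a real directory, a symlink pointing elsewhere and a
// plain file. Returns true when every case is classified as expected.
bool run_demo()
{
    const fs::path scratch = make_scratch_dir();
    bool ok = true;

    const fs::path real = scratch / "configs";
    ok = ok && ensure_dir_nofollow(real) == DirResult::Created;
    ok = ok && ensure_dir_nofollow(real) == DirResult::Exists;

    const fs::path elsewhere = scratch / "elsewhere";
    fs::create_directory(elsewhere);
    const fs::path link = scratch / "state";
    fs::create_directory_symlink(elsewhere, link);
    ok = ok && ensure_dir_nofollow(link) == DirResult::RefusedSymlink;
    ok = ok && ensure_dir_nofollow(link / "sessions") == DirResult::RefusedSymlink;
    ok = ok && !fs::exists(elsewhere / "sessions");   // nothing created via the link

    const fs::path file = scratch / "notadir";
    { std::ofstream f(file); f << "x"; }
    ok = ok && ensure_dir_nofollow(file) == DirResult::NotADirectory;

    fs::remove_all(scratch);
    return ok;
}

int main()
{
    std::cout << (run_demo() ? "all cases handled as expected\n" : "unexpected result\n");
    return 0;
}
```

The per-component walk matters: checking only the final path with symlink_status() would still let a symlinked parent (for example a planted ~/.config link) redirect the creation elsewhere.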
* Bugfix: openvpn3 session-manage --log-level can crash the Session Manager
When changing the log level of an ongoing VPN session to an invalid
log-level value, the Session Manager process would fail and stop running
due to an uncaught exception. This did not affect the currently ongoing
VPN sessions, but none of those sessions could be managed via the
Session Manager any more. This has been fixed and the Session Manager
now replies to the caller with an error message instead. This issue
was reported by Wolfgang Frisch from the SUSE security team.
* Bugfix: Control character injection via command line arguments
All command line arguments were passed on unfiltered, including ASCII
control characters, which could be used to inject misleading information
into logs (for example, a newline followed by a forged log line). Since
none of the entry points for user data need ASCII control characters,
apart from newlines in a few places, these characters are now removed.
The same filtering is applied to string values received via D-Bus method
calls. This issue was reported by Wolfgang Frisch from the SUSE security
team.
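An added example of the kind of filter described above (illustrative code written for this page, not the project's own Events::Log or cmdargparser code): every byte in 0x00-0x1F plus 0x7F is dropped, a newline survives only when the caller explicitly allows it, and bytes at or above 0x80 are left untouched so UTF-8 text is not damaged. The function names, the log formatter and the hostile input string are assumptions constructed for the example.

```cpp
// Added example, not project code: strip ASCII control characters from
// untrusted strings before they reach a log line, keeping newlines only
// where the caller allows them. Bytes >= 0x80 (UTF-8) pass through.
#include <iostream>
#include <string>

// Remove every byte in 0x00-0x1F and 0x7F, except '\n' when allow_newline is set.
std::string strip_ctrl_chars(const std::string& in, bool allow_newline = false)
{
    std::string out;
    out.reserve(in.size());
    for (unsigned char c : in) {
        const bool is_ctrl = (c < 0x20) || (c == 0x7F);
        if (!is_ctrl || (allow_newline && c == '\n')) {
            out.push_back(static_cast<char>(c));
        }
    }
    return out;
}

// True when the input carries control characters: the check to apply at a
// trust boundary (e.g. a D-Bus method argument) if rejecting is preferred
// over silently stripping.
bool has_ctrl_chars(const std::string& in, bool allow_newline = false)
{
    return strip_ctrl_chars(in, allow_newline) != in;
}

// Constructed formatter: one event per line, so whatever the caller put in
// 'msg' can no longer open a second, forged-looking entry.
std::string format_log_line(const std::string& level, const std::string& msg)
{
    return "[" + level + "] " + strip_ctrl_chars(msg);
}

int main()
{
    // Constructed hostile argument: tries to forge a second log entry and to
    // emit a terminal escape sequence. Stripping ESC leaves "[0m" behind as
    // harmless printable text.
    const std::string hostile = "connect failed\n[INFO] auth succeeded for root\x1b[0m";
    std::cout << format_log_line("WARN", hostile) << '\n';

    // Multi-line body where newlines are legitimate but CR and ESC are not.
    std::cout << strip_ctrl_chars("line one\r\nline \x1b[2Jtwo", true) << '\n';
    return 0;
}
```

Whether to strip (as the release does) or reject (has_ctrl_chars) is a policy choice per entry point; rejecting gives the caller an explicit error, stripping keeps the call working while making the logged value safe.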
* Bugfix: openvpn3-service-backendstart crash during shutdown
Occasionally the openvpn3-service-backendstart helper service could
crash during its shutdown phase. This was due to an uncaught exception.
This has been resolved.
* Bugfix: VPN session failing to start without org.freedesktop.hostname1
The client code expected the org.freedesktop.hostname1
(systemd-hostnamed) service to be available. On systems without systemd,
the client would wait a long time for this service to appear before
continuing. Meanwhile, the Session Manager would not receive a response
from this client process in time, consider it unresponsive, and stop the
VPN session instead. This has been resolved by asking the D-Bus message
bus itself (org.freedesktop.DBus) whether the org.freedesktop.hostname1
service is available and simply continuing without it if it is not.
* Build fix: Meson clean-up
Newer Meson versions raised several minor complaints about the build
configuration. These have been resolved and Meson should no longer report
any warnings.
* Build fix: GCC 15 related build issues
GCC 15 complains about more issues than prior compiler versions did with
the same compiler flags. The issues raised by GCC 15 are now fixed.
Known issues:
- openvpn3-admin journal --since has a time zone related issue
and may not list all log events within the closest hours.
---- Changes from v24 to v24.1 -------------------------------------
David Sommerseth (31):
build: Misc cleanup in Meson build scripts
build: Fix incorrect default value assignment for create_statedir option
common: Refactor Configuration::File to use std::filesystem
ovpn3cli/init-config: Refactor file/directory handling to use std::filesystem
ovpn3cli/init-config: Don't follow symlinks setting up state/configs dirs
sessionmgr: Catch incorrect log level requests in Session object
build: Fix minor meson complaint in addons/aws
build: Improve OpenVPN 3 Core library version extraction
events/log: Refactor Events::Log()
events/log: Simplify Events::Log::str() methods
events/log: Implement character filter in Events::Log
log: Extend LogSender with a Debug_wnl() method
log/core: Enable multi-line logging via the Core D-Bus logger
log/journal: Don't filter newlines from journald entries
log: Preserve the newlines in the log when openvpn3-service-log starts
tests: Add --allow-newline to logservice1 send subcommand
common/cmdargparser: Minor code cleanup in RegisterParsedArgs::register_option()
common/cmdargparser: Filter out ASCII control characters from command line
common: Merge and move string ctrl char sanitizing to a shared function
log: Filter strings coming via D-Bus calls
sessionmgr/client: Filter reason string to Pause D-Bus method call
common: Filter input value to RequiresQueue::UpdateEntry()
tests/request-queue: Remove unused local function
configmgr/test: Add tests for control chars in various configuration profiles
configmgr: Remove control characters from various user input via D-Bus
netcfg: Remove control characters from the D-Bus method inputs
log: Add missing cstdint header in logmetadata.hpp
common: Check if org.freedesktop.hostname1 is available in PlatformInfo
client: Handle exceptions in ~BackendStarterSrv
build: Allow version tags to contain dots and minor version digits
configmgr/proxy: Ignore minor version number in feature check
--------------------------------------------------------------------