From 284b410a18a252cc4a1346e556f3515b1e994922 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Mon, 22 Apr 2013 21:39:25 +0200 Subject: [PATCH] Releasing 1.0.21 and 1.1pre7. --- docs.mdwn | 4 +- download.mdwn | 254 ++++---------------------------------- index.mdwn | 4 +- news/release-1.0.21.mdwn | 8 ++ news/release-1.1pre7.mdwn | 12 ++ security.mdwn | 19 ++- 6 files changed, 64 insertions(+), 237 deletions(-) create mode 100644 news/release-1.0.21.mdwn create mode 100644 news/release-1.1pre7.mdwn diff --git a/docs.mdwn b/docs.mdwn index 601c7da..ac08d35 100644 --- a/docs.mdwn +++ b/docs.mdwn @@ -15,7 +15,7 @@ something else than the documentation says, please tell us! The main source of information is the manual. This text describes how to set up a VPN using tinc. It also contains a chapter with more technical details, which you may want to read, as well as the ideas behind tinc. This manual is -currently up to date with version 1.0.20. +currently up to date with version 1.0.21. - [manual (HTML)](/documentation/tinc_toc) - [manual (PDF)](/documentation/tinc.pdf) @@ -29,7 +29,7 @@ The documentation for the prerelease versions of tinc 1.1 is also available: - [manual (HTML)](/documentation-1.1/tinc_toc) - [manual (PDF)](/documentation-1.1/tinc.pdf) - [tincd(8)](/documentation-1.1/tincd.8) -- [tincctl(8)](/documentation-1.1/tincctl.8) +- [tinc(8)](/documentation-1.1/tinc.8) - [tinc.conf(5)](/documentation-1.1/tinc.conf.5) ### Examples diff --git a/download.mdwn b/download.mdwn index ef69fe0..facf5f6 100644 --- a/download.mdwn +++ b/download.mdwn @@ -12,28 +12,28 @@ packages you should contact its maintainer. ### Latest stable release -[[!inline pages="news/release-1.0.20" template=newsitemnoheader feeds="no"]] +[[!inline pages="news/release-1.0.21" template=newsitemnoheader feeds="no"]] - -
**Version**1.0.20 + +
**Version**1.0.21
**Source** -[tinc-1.0.20.tar.gz](/packages/tinc-1.0.20.tar.gz) -([sig](/packages/tinc-1.0.20.tar.gz.sig)) +[tinc-1.0.21.tar.gz](/packages/tinc-1.0.21.tar.gz) +([sig](/packages/tinc-1.0.21.tar.gz.sig))
**Packages** -[Windows XP/Vista/7/8](/packages/windows/tinc-1.0.20-install.exe) +[Windows XP/Vista/7/8](/packages/windows/tinc-1.0.21-install.exe)
### Latest pre-release from the 1.1 branch -[[!inline pages="news/release-1.1pre6" template=newsitemnoheader feeds="no"]] +[[!inline pages="news/release-1.1pre7" template=newsitemnoheader feeds="no"]] - -
**Version**1.1pre6 + +
**Version**1.1pre7
**Source** -[tinc-1.1pre6.tar.gz](/packages/tinc-1.1pre6.tar.gz) -([sig](/packages/tinc-1.1pre6.tar.gz.sig)) +[tinc-1.1pre7.tar.gz](/packages/tinc-1.1pre7.tar.gz) +([sig](/packages/tinc-1.1pre7.tar.gz.sig))
**Packages** -[Windows XP/Vista/7/8](/packages/windows/tinc-1.1pre6-install.exe) +[Windows XP/Vista/7/8](/packages/windows/tinc-1.1pre7-install.exe)
### Distributions providing tinc @@ -64,13 +64,25 @@ using one of these packages. ### Older versions + +
**Version**1.0.20 +
**Source** +[tinc-1.0.20.tar.gz](/packages/tinc-1.0.20.tar.gz) +([sig](/packages/tinc-1.0.20.tar.gz.sig)) +
+ + +
**Version**1.1pre6 +
**Source** +[tinc-1.1pre6.tar.gz](/packages/tinc-1.1pre6.tar.gz) +([sig](/packages/tinc-1.1pre6.tar.gz.sig)) +
+
**Version**1.1pre5
**Source** [tinc-1.1pre5.tar.gz](/packages/tinc-1.1pre5.tar.gz) ([sig](/packages/tinc-1.1pre5.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7/8](/packages/windows/tinc-1.1pre5-install.exe)
@@ -78,8 +90,6 @@ using one of these packages.
**Source** [tinc-1.1pre4.tar.gz](/packages/tinc-1.1pre4.tar.gz) ([sig](/packages/tinc-1.1pre4.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7/8](/packages/windows/tinc-1.1pre4-install.exe)
@@ -87,10 +97,6 @@ using one of these packages.
**Source** [tinc-1.1pre3.tar.gz](/packages/tinc-1.1pre3.tar.gz) ([sig](/packages/tinc-1.1pre3.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7/8](/packages/windows/tinc-1.1pre3-install.exe) -
**Remarks** -The Windows binary fails to read packets from the TAP adapter.
@@ -98,8 +104,6 @@ The Windows binary fails to read packets from the TAP adapter.
**Source** [tinc-1.0.19.tar.gz](/packages/tinc-1.0.19.tar.gz) ([sig](/packages/tinc-1.0.19.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7/8](/packages/windows/tinc-1.0.19-install.exe)
@@ -107,8 +111,6 @@ The Windows binary fails to read packets from the TAP adapter.
**Source** [tinc-1.0.18.tar.gz](/packages/tinc-1.0.18.tar.gz) ([sig](/packages/tinc-1.0.18.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.18-install.exe)
@@ -116,10 +118,6 @@ The Windows binary fails to read packets from the TAP adapter.
**Source** [tinc-1.0.17.tar.gz](/packages/tinc-1.0.17.tar.gz) ([sig](/packages/tinc-1.0.17.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.17-install.exe) -
**Remarks** -IPv6 will fail to work when `Mode = switch`. The workaround is to set `DecrementTTL = no`.
@@ -127,8 +125,6 @@ IPv6 will fail to work when `Mode = switch`. The workaround is to set `Decrement
**Source** [tinc-1.0.16.tar.gz](/packages/tinc-1.0.16.tar.gz) ([sig](/packages/tinc-1.0.16.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.16-install.exe)
@@ -136,8 +132,6 @@ IPv6 will fail to work when `Mode = switch`. The workaround is to set `Decrement
**Source** [tinc-1.1pre2.tar.gz](/packages/tinc-1.1pre2.tar.gz) ([sig](/packages/tinc-1.1pre2.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.1pre2-install.exe)
@@ -145,8 +139,6 @@ IPv6 will fail to work when `Mode = switch`. The workaround is to set `Decrement
**Source** [tinc-1.0.15.tar.gz](/packages/tinc-1.0.15.tar.gz) ([sig](/packages/tinc-1.0.15.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.15-install.exe)
@@ -154,10 +146,6 @@ IPv6 will fail to work when `Mode = switch`. The workaround is to set `Decrement
**Source** [tinc-1.1pre1.tar.gz](/packages/tinc-1.1pre1.tar.gz) ([sig](/packages/tinc-1.1pre1.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.1pre1-install.exe) -
**Remarks** -One header file is missing, save [this file](http://tinc-vpn.org/git/browse?p=tinc;a=blob_plain;f=src/tincctl.h;h=114b931e5c088639a025b8ed7ac22f7240cd2c2d;hb=e4f65db89726ac06ba7e787d420db4422d9a6e98) as `src/tincctl.h` before compiling.
@@ -165,8 +153,6 @@ One header file is missing, save [this file](http://tinc-vpn.org/git/browse?p=ti
**Source** [tinc-1.0.14.tar.gz](/packages/tinc-1.0.14.tar.gz) ([sig](/packages/tinc-1.0.14.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.14-install.exe)
@@ -174,8 +160,6 @@ One header file is missing, save [this file](http://tinc-vpn.org/git/browse?p=ti
**Source** [tinc-1.0.13.tar.gz](/packages/tinc-1.0.13.tar.gz) ([sig](/packages/tinc-1.0.13.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.13-install.exe)
@@ -183,8 +167,6 @@ One header file is missing, save [this file](http://tinc-vpn.org/git/browse?p=ti
**Source** [tinc-1.0.12.tar.gz](/packages/tinc-1.0.12.tar.gz) ([sig](/packages/tinc-1.0.12.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.12-install.exe)
@@ -192,8 +174,6 @@ One header file is missing, save [this file](http://tinc-vpn.org/git/browse?p=ti
**Source** [tinc-1.0.11.tar.gz](/packages/tinc-1.0.11.tar.gz) ([sig](/packages/tinc-1.0.11.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.11-install.exe)
@@ -201,8 +181,6 @@ One header file is missing, save [this file](http://tinc-vpn.org/git/browse?p=ti
**Source** [tinc-1.0.10.tar.gz](/packages/tinc-1.0.10.tar.gz) ([sig](/packages/tinc-1.0.10.tar.gz.sig)) -
**Packages** -[Windows XP/Vista/7](/packages/windows/tinc-1.0.10-install.exe)
@@ -210,8 +188,6 @@ One header file is missing, save [this file](http://tinc-vpn.org/git/browse?p=ti
**Source** [tinc-1.0.9.tar.gz](/packages/tinc-1.0.9.tar.gz) ([sig](/packages/tinc-1.0.9.tar.gz.sig)) -
**Packages** -[Windows 2000/XP](/packages/windows/tinc-1.0.9-install.exe)
@@ -219,11 +195,6 @@ One header file is missing, save [this file](http://tinc-vpn.org/git/browse?p=ti
**Source** [tinc-1.0.8.tar.gz](/packages/tinc-1.0.8.tar.gz) ([sig](/packages/tinc-1.0.8.tar.gz.sig)) -
**Packages** -[Windows 2000/XP](/packages/windows/tinc-1.0.8-install.exe) -
**Extra** -When compiling with an old version of GCC, try the following patch, kindly provided by "Borg": -[tinc-1.0.8-gcc-2.95.patch](/contrib/tinc-1.0.8-gcc-2.95.patch).
@@ -231,11 +202,6 @@ When compiling with an old version of GCC, try the following patch, kindly provi
**Source** [tinc-1.0.7.tar.gz](/packages/tinc-1.0.7.tar.gz) ([sig](/packages/tinc-1.0.7.tar.gz.sig)) -
**Static binaries** -[OpenBSD i386](/packages/tincd-1.0.7-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0.7-openbsd-i386-static.gz.sig)), -
**Packages** -[Windows 2000/XP](/packages/windows/tinc-1.0.7-install.exe)
@@ -243,15 +209,6 @@ When compiling with an old version of GCC, try the following patch, kindly provi
**Source** [tinc-1.0.6.tar.gz](/packages/tinc-1.0.6.tar.gz) ([sig](/packages/tinc-1.0.6.tar.gz.sig)) -
**Static binaries** -[FreeBSD i386](/packages/tincd-1.0.6-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0.6-freebsd-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0.6-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0.6-openbsd-i386-static.gz.sig)), -[NetBSD i386](/packages/tincd-1.0.6-netbsd-i386-static.gz) -([sig](/packages/tincd-1.0.6-netbsd-i386-static.gz.sig)), -
**Packages** -[Windows 2000/XP](/packages/windows/tinc-1.0.6-install.exe)
@@ -259,12 +216,6 @@ When compiling with an old version of GCC, try the following patch, kindly provi
**Source** [tinc-1.0.5.tar.gz](/packages/tinc-1.0.5.tar.gz) ([sig](/packages/tinc-1.0.5.tar.gz.sig)) -
**Static binaries** -[FreeBSD i386](/packages/tincd-1.0.5-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0.5-freebsd-i386-static.gz.sig)), -
**Packages** -[Windows 2000/XP](/packages/windows/tinc-1.0.5-install.exe), -[Debian on Nokia 770](/packages/debian/tinc_1.0.5-1_armel.deb)
@@ -272,19 +223,6 @@ When compiling with an old version of GCC, try the following patch, kindly provi
**Source** [tinc-1.0.4.tar.gz](/packages/tinc-1.0.4.tar.gz) ([sig](/packages/tinc-1.0.4.tar.gz.sig)) -
**Static binaries** -[Linux x86_64](/packages/tincd-1.0.4-linux-x86_64-static.gz) -([sig](/packages/tincd-1.0.4-linux-x86_64-static.gz.sig)), -[FreeBSD i386](/packages/tincd-1.0.4-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0.4-freebsd-i386-static.gz.sig)), -[NetBSD i386](/packages/tincd-1.0.4-netbsd-i386-static.gz) -([sig](/packages/tincd-1.0.4-netbsd-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0.4-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0.4-openbsd-i386-static.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0.4-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0.4-solaris-sparc32-dynamic.gz.sig)), -
**Packages** -[Windows 2000/XP](/packages/windows/tinc-1.0.4-install.exe)
@@ -292,22 +230,6 @@ When compiling with an old version of GCC, try the following patch, kindly provi
**Source** [tinc-1.0.3.tar.gz](/packages/tinc-1.0.3.tar.gz) ([sig](/packages/tinc-1.0.3.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0.3-linux-i386-static.gz) -([sig](/packages/tincd-1.0.3-linux-i386-static.gz.sig)), -[FreeBSD i386](/packages/tincd-1.0.3-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0.3-freebsd-i386-static.gz.sig)), -[NetBSD i386](/packages/tincd-1.0.3-netbsd-i386-static.gz) -([sig](/packages/tincd-1.0.3-netbsd-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0.3-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0.3-openbsd-i386-static.gz.sig)), -[Darwin powerpc](/packages/tincd-1.0.3-darwin-powerpc-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0.3-darwin-powerpc-dynamic.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0.3-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0.3-solaris-sparc32-dynamic.gz.sig)), -
**Packages** -[Windows 2000/XP](/packages/windows/tinc-1.0.3-install.exe), -[OpenWRT](/packages/openwrt/tinc_1.0.3_mipsel.ipk)
@@ -315,18 +237,6 @@ When compiling with an old version of GCC, try the following patch, kindly provi
**Source** [tinc-1.0.2.tar.gz](/packages/tinc-1.0.2.tar.gz) ([sig](/packages/tinc-1.0.2.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0.2-linux-i386-static.gz) -([sig](/packages/tincd-1.0.2-linux-i386-static.gz.sig)), -[NetBSD i386](/packages/tincd-1.0.2-netbsd-i386-static.gz) -([sig](/packages/tincd-1.0.2-netbsd-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0.2-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0.2-openbsd-i386-static.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0.2-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0.2-solaris-sparc32-dynamic.gz.sig)), -
**Packages** -[Slackware 9.1](/packages/slackware/tinc-1.0.2-i486-2.tgz), -[Windows 2000/XP](/packages/windows/tinc-1.0.2-install.exe)
@@ -334,22 +244,6 @@ When compiling with an old version of GCC, try the following patch, kindly provi
**Source** [tinc-1.0.1.tar.gz](/packages/tinc-1.0.1.tar.gz) ([sig](/packages/tinc-1.0.1.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0.1-linux-i386-static.gz) -([sig](/packages/tincd-1.0.1-linux-i386-static.gz.sig)), -[NetBSD i386](/packages/tincd-1.0.1-netbsd-i386-static.gz) -([sig](/packages/tincd-1.0.1-netbsd-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0.1-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0.1-openbsd-i386-static.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0.1-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0.1-solaris-sparc32-dynamic.gz.sig)), -[Darwin powerpc](/packages/tincd-1.0.1-darwin-powerpc-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0.1-darwin-powerpc-dynamic.gz.sig)), -[Windows 2000/XP](/packages/tincd-1.0.1-windows-i386-static.exe) -([sig](/packages/tincd-1.0.1-windows-i386-static.exe.sig)), -
**Packages** -[Slackware 9.1](/packages/slackware/tinc-1.0.1-i486-1.tgz), -[Windows 2000/XP](/packages/windows/tinc-1.0.1-install.exe)
@@ -357,23 +251,6 @@ When compiling with an old version of GCC, try the following patch, kindly provi
**Source** [tinc-1.0.tar.gz](/packages/tinc-1.0.tar.gz) ([sig](/packages/tinc-1.0.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0-linux-i386-static.gz) -([sig](/packages/tincd-1.0-linux-i386-static.gz.sig)), -[NetBSD i386](/packages/tincd-1.0-netbsd-i386-static.gz) -([sig](/packages/tincd-1.0-netbsd-i386-static.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0-solaris-sparc32-dynamic.gz.sig)), -[Darwin powerpc](/packages/tincd-1.0-darwin-powerpc-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0-darwin-powerpc-dynamic.gz.sig)), -[Windows 2000/XP](/packages/tincd-1.0-windows-i386-static.exe) -([sig](/packages/tincd-1.0-windows-i386-static.exe.sig)), -
**Packages** -[Windows 2000/XP](/packages/windows/tinc-1.0-install.exe) -
**Remarks** -When compiling under OpenBSD, you will need a small -[patch](/packages/tinc-1.0-openbsd-patch.gz) -([sig](/packages/tinc-1.0-openbsd-patch.gz.sig)).
@@ -381,20 +258,6 @@ When compiling under OpenBSD, you will need a small
**Source** [tinc-1.0pre8.tar.gz](/packages/tinc-1.0pre8.tar.gz) ([sig](/packages/tinc-1.0pre8.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0pre8-linux-i386-static.gz) -([sig](/packages/tincd-1.0pre8-linux-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0pre8-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0pre8-openbsd-i386-static.gz.sig)), -[FreeBSD i386](/packages/tincd-1.0pre8-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0pre8-freebsd-i386-static.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0pre8-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0pre8-solaris-sparc32-dynamic.gz.sig)), -
**Packages** -[Debian i386](/packages/debian/tinc_1.0pre8-1_i386.deb) -([woody](/packages/debian/tinc_1.0pre8-1.woody_i386.deb)), -[Slackware i386](/packages/slackware/tinc-1.0pre8-i386-1.tgz) -([Slackware 9](/packages/slackware/tinc-1.0pre8-i386-slackware9.tgz)),
@@ -402,19 +265,6 @@ When compiling under OpenBSD, you will need a small
**Source** [tinc-1.0pre7.tar.gz](/packages/tinc-1.0pre7.tar.gz) ([sig](/packages/tinc-1.0pre7.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0pre7-linux-i386-static.gz) -([sig](/packages/tincd-1.0pre7-linux-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0pre7-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0pre7-openbsd-i386-static.gz.sig)), -[FreeBSD i386](/packages/tincd-1.0pre7-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0pre7-freebsd-i386-static.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0pre7-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0pre7-solaris-sparc32-dynamic.gz.sig)) -
**Packages** -[Debian i386](/packages/debian/tinc_1.0pre7-1_i386.deb), -[Redhat](/packages/redhat/tinc-1.0pre7-1.i386.rpm), -[Slackware i386](/packages/slackware/tinc-1.0pre7-i386-1.tgz)
@@ -422,19 +272,6 @@ When compiling under OpenBSD, you will need a small
**Source** [tinc-1.0pre6.tar.gz](/packages/tinc-1.0pre6.tar.gz) ([sig](/packages/tinc-1.0pre6.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0pre6-linux-i386-static.gz) -([sig](/packages/tincd-1.0pre6-linux-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0pre6-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0pre6-openbsd-i386-static.gz.sig)), -[FreeBSD i386](/packages/tincd-1.0pre6-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0pre6-freebsd-i386-static.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0pre6-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0pre6-solaris-sparc32-dynamic.gz.sig)) -
**Packages** -[Debian i386](/packages/debian/tinc_1.0pre6-1_i386.deb) -
**Remarks** -Doesn't like signals and prefixlengths which are not divisible by 8.
@@ -442,20 +279,6 @@ Doesn't like signals and prefixlengths which are not divisible by 8.
**Source** [tinc-1.0pre5.tar.gz](/packages/tinc-1.0pre5.tar.gz) ([sig](/packages/tinc-1.0pre5.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0pre5-linux-i386-static.gz) -([sig](/packages/tincd-1.0pre5-linux-i386-static.gz.sig)), -[OpenBSD i386](/packages/tincd-1.0pre5-openbsd-i386-static.gz) -([sig](/packages/tincd-1.0pre5-openbsd-i386-static.gz.sig)), -[FreeBSD i386](/packages/tincd-1.0pre5-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0pre5-freebsd-i386-static.gz.sig)), -[Solaris sparc32](/packages/tincd-1.0pre5-solaris-sparc32-dynamic.gz)[*](#dynamic) -([sig](/packages/tincd-1.0pre5-solaris-sparc32-dynamic.gz.sig)) -
**Packages** -[Debian i386](/packages/debian/tinc_1.0pre5-1_i386.deb), -[Debian potato i386](/packages/debian/tinc_1.0pre5-1.potato_i386.deb) -
**Remarks** -Blocking connect()s.
@@ -463,13 +286,6 @@ Blocking connect()s.
**Source** [tinc-1.0pre4.tar.gz](/packages/tinc-1.0pre4.tar.gz) ([sig](/packages/tinc-1.0pre4.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0pre4-i386-static.gz) -([sig](/packages/tincd-1.0pre4-i386-static.gz.sig)), -[FreeBSD i386](/packages/tincd-1.0pre4-freebsd-i386-static.gz) -([sig](/packages/tincd-1.0pre4-freebsd-i386-static.gz.sig)), -
**Remarks** -Contains key expiry bug, see [[FAQ|faq#keyexpire]].
@@ -477,12 +293,6 @@ Contains key expiry bug, see [[FAQ|faq#keyexpire]].
**Source** [tinc-1.0pre3.tar.gz](/packages/tinc-1.0pre3.tar.gz) ([sig](/packages/tinc-1.0pre3.tar.gz.sig)) -
**Static binaries** -[Linux i386](/packages/tincd-1.0pre3-i386-static.gz) -([sig](/packages/tincd-1.0pre3-i386-static.gz.sig)), -
**Packages** -[Debian i386](/packages/debian/tinc_1.0pre3-1_i386.deb), -[Debian potato i386](/packages/debian/tinc_1.0pre3-1potato_i386.deb)
@@ -490,11 +300,6 @@ Contains key expiry bug, see [[FAQ|faq#keyexpire]].
**Source** [tinc-1.0pre2.tar.gz](/packages/tinc-1.0pre2.tar.gz) ([sig](/packages/tinc-1.0pre2.tar.gz.sig)) -
**Packages** -[Debian i386](/packages/debian/tinc_1.0pre2-1_i386.deb), -[Redhat i386](/packages/redhat/tinc-1.0pre2-1.i386.rpm) -
**Remarks** -Contains security hole, see [[news|news/2000-09-10]].
@@ -502,11 +307,6 @@ Contains security hole, see [[news|news/2000-09-10]].
**Source** [tinc-1.0pre1.tar.gz](/packages/tinc-1.0pre1.tar.gz) ([sig](/packages/tinc-1.0pre1.tar.gz.sig)) -
**Packages** -[Debian i386](/packages/debian/tinc_1.0pre1-0.4_i386.deb), -[Redhat i386](/packages/redhat/tinc-1.0pre1-2.i386.rpm) -
**Remarks** -Contains security hole, see [[news|news/2000-09-10]].
@@ -514,8 +314,6 @@ Contains security hole, see [[news|news/2000-09-10]].
**Source** [tinc-0.3.3.tar.gz](/packages/tinc-0.3.3.tar.gz) ([sig](/packages/tinc-0.3.3.tar.gz.sig)) -
**Remarks** -Contains security hole, see [[news|news/2000-09-10]].
diff --git a/index.mdwn b/index.mdwn index 00dd7dd..cea3ff2 100644 --- a/index.mdwn +++ b/index.mdwn @@ -1,8 +1,8 @@ # Welcome to tinc! -### Latest stable version: [[1.0.20|download]] +### Latest stable version: [[1.0.21|download]] -Latest prerelease from the 1.1 branch: [[1.1pre6|download]] +Latest prerelease from the 1.1 branch: [[1.1pre7|download]] ### Latest news: diff --git a/news/release-1.0.21.mdwn b/news/release-1.0.21.mdwn new file mode 100644 index 0000000..8d15cd0 --- /dev/null +++ b/news/release-1.0.21.mdwn @@ -0,0 +1,8 @@ +[[!meta author="guus"]] +[[!meta date="April 22nd 2013"]] + +Version 1.0.21 released. + + * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). + +Thanks to Martin Schobert for auditing tinc and reporting this vulnerability. diff --git a/news/release-1.1pre7.mdwn b/news/release-1.1pre7.mdwn new file mode 100644 index 0000000..034f52c --- /dev/null +++ b/news/release-1.1pre7.mdwn @@ -0,0 +1,12 @@ +[[!meta author="guus"]] +[[!meta date="April 22th 2013"]] + +Version 1.1pre7 released. + + * Fixed large latencies on Windows. + * Renamed the tincctl tool to tinc. + * Simplified changing the configuration using the tinc tool. + * Added a full description of the ExperimentalProtocol to the manual. + * Drop packets forwarded via TCP if they are too big (CVE-2013-1428). + +Thanks to Martin Schobert for auditing tinc and reporting the vulnerability. diff --git a/security.mdwn b/security.mdwn index 91c5647..d6cdea0 100644 --- a/security.mdwn +++ b/security.mdwn @@ -1,3 +1,14 @@ +## Security advisories + +The following list contains advisories for security issues in tinc in old versions: + +- [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1428](CVE-2013-1428): + to be published. +- [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1755](CVE-2002-1755): + tinc 1.0pre3 and 1.0pre4 VPN do not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC. +- [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1505](CVE-2001-1505): + tinc 1.0pre3 and 1.0pre4 allow remote attackers to inject data into user sessions by sniffing and replaying packets. + ## Possible weak keys generated by tinc on Debian (and derivates) due to a security bug in Debian's OpenSSL packages For those who run tinc on Debian or Debian-based distributions like @@ -22,7 +33,7 @@ well. Regenerate any keying material that you have exchanged via your tinc VPN if any of the nodes was running on an affected platform. -## Security issues in tinc +## Known security issues in tinc 1.0.x Although tinc uses the OpenSSL library, it does not use the SSL protocol to establish connections between daemons. The reasons for this were: @@ -37,10 +48,8 @@ René Korthaus, Andreas Hübner, Felix Stein and Wladimir Paulsen have also look and have provided a more in-depth analysis of the most critical weaknesses. In the interest of full disclosure we will list the known weaknesses below. -For tinc 2.0 and later we will use a standard protocol like SSH or TLS to perform authentication. -For the encapsulated packets, we will consider protocols like DTLS, but due to the specific needs of a peer-to-peer VPN, -we might also keep our own protocol, but update it to current security standards. -We might also release an interim version that just fixes the vulnerabilities in tinc 1.x in the near future. +Tinc 1.1pre3 and later will use a new protocol that fixes all these issues, +and that is similar to (D)TLS with a strong cipher suite. ### Predictable IV -- 2.20.1