From 2c8e4bc4f9ab94e4d0b63341820d471af7c28c6c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Frings-F=C3=BCrst?= <debian@jff.email>
Date: Sun, 29 Jul 2018 13:59:02 +0200
Subject: New upstream version 2.4.6

---
 Changes.rst | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

(limited to 'Changes.rst')

diff --git a/Changes.rst b/Changes.rst
index 4168d62..b8ed5ce 100644
--- a/Changes.rst
+++ b/Changes.rst
@@ -320,6 +320,32 @@ Maintainer-visible changes
   use -std=gnu99 in CFLAGS.  This is known to be needed when doing
   i386/i686 builds on RHEL5.
 
+Version 2.4.6
+=============
+This is primarily a maintenance release with minor bugfixes and improvements,
+and one security relevant fix for the Windows Interactive Service.
+
+User visible changes
+--------------------
+- warn if the management interface is configured with a TCP port and
+  no password is set (because it might be possible to interfere with
+  OpenVPN operation by tricking other programs into connecting to the
+  management interface and inject unwanted commands)
+
+Bug fixes
+---------
+- CVE-2018-9336: fix potential double-free() in the Interactive Service
+  (Windows) on malformed input.
+
+- avoid possible integer overflow in wakeup computation (trac #922)
+
+- improve handling of incoming packet bursts for control channel data
+
+- fix compilation with older OpenSSL versions that were broken in 2.4.5
+
+- Windows + interactive Service: delete the IPv6 route to the "connected"
+  network on tun close
+
 
 Version 2.4.5
 =============
-- 
cgit v1.2.3