From cd9368c6a1b4ef91d77bb3fdbe2e5bc34aa6f4c4 Mon Sep 17 00:00:00 2001
From: Martin Hecht <mrbaseman@gmx.de>
Date: Mon, 24 Feb 2020 15:30:34 +0100
Subject: [PATCH] openfortivpn version 1.12.0

---
 CHANGELOG.md | 12 ++++++++++++
 configure.ac |  2 +-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4ad545a..4758e54 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,18 @@ Releases
 This high level changelog is usually updated when a release is tagged.
 On the master branch there may be changes that are not (yet) described here.
 
+### 1.12.0
+
+* [-] fix CVE-2020-7043: TLS Certificate CommonName NULL Byte Vulnerability
+* [-] fix CVE-2020-7042: use of uninitialized memory in X509_check_host
+* [-] fix CVE-2020-7041: incorrect use of X509_check_host (regarding return value).
+* [-] always hide cleartest password in -vv output
+* [+] add a clear warning about sensitive information in the debug output
+* [+] add a hint in debug output when password is read from config file
+* [-] fix segfault when connecting with empty password
+* [+] use resolvconf if available to update resolv.conf file
+* [~] replace semicolon by space in dns-suffix string
+
 ### 1.11.0
 
 * [+] allow to connect with empty password (and with smartcard instead of username)
diff --git a/configure.ac b/configure.ac
index 148dac7..c67a11d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.63])
-AC_INIT([openfortivpn], [1.11.0])
+AC_INIT([openfortivpn], [1.12.0])
 AC_CONFIG_SRCDIR([src/main.c])
 AM_INIT_AUTOMAKE([foreign subdir-objects])
 
-- 
GitLab