This release is for desktop only.
Added
- Add header containing OS version to version-check API call to enable OS specific compatibility and
vulnerability checks. - Add
TALPID_DISABLE_OFFLINE_MONITORenvironment variable to allow users to disable offline
detection.
Android
- Allow to configure the tunnel to use custom DNS servers.
- Show only applications that has INTERNET permission on split tunnel screen.
Linux
- Improved compatiblitiy with newer versions of systemd-resolved.
- Add version data to problem reports for the following software: the kernel, NetworkManager,
WireGuard kernel module, SystemD.
Changed
- Allow the API to be accessed while in a blocking state.
- Prefer the last used API endpoint when the service starts back up, as well as in other tools such
as the problem report tool. - Migrate cache to a directory readable by all users, consistent with Android and Linux.
- Change the default value of the GUI auto-connect setting to "off" and respect the setting when
logging in.
Linux
- Improve offline check to query the routing table to allow users to use a bridged adapter as their
primary interface.
Fixed
- Fix Turkish translations for on/off in the bridge settings. They were inverted, so it was
confusing to change the setting. - Stop returning bogus version information when there is no version cache.
Linux
- Fix missing app window icon in Xfce.
Windows
- Resolve single-label hostnames correctly.
Security
- Default to connecting when the daemon starts if the target state cache cannot be read or parsed.
Linux
- Prevent the private tunnel IPv6 address from being detectable on a local network when using
OpenVPN by correctly applying the fix for
CVE-2019-14899.
Windows
- Deny network access to the OpenVPN plugin pipe, which allowed for anonymous write access when
passwordless file sharing was enabled.