Versions 1.0.35 and 1.1pre17 released.
- Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
- Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
Thanks to Michael Yonli for auditing tinc and reporting these vulnerabilities. For more information, see the security page.