[[!meta author="guus"]]
[[!meta date="October 8th 2018"]]

Versions 1.0.35 and 1.1pre17 released.

* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).

Thanks to Michael Yonli for auditing tinc and reporting these vulnerabilities. For more information, see the [[security]] page.