Date: Wed, 24 Jun 2015 11:46:51 +0200 From: Sebastian Krahmer <krahmer@...e.com> To: oss-security@...ts.openwall.com Subject: OpenVPN hardening patches Hi As required per list policy, I am forwarding the patch that I sent to distros list two weeks ago, as well as to upstream. It is available here: https://bugzilla.suse.com/show_bug.cgi?id=934237 I am still discussing some points with upstream, but most of the issues should have no/little impact; for example the FD_SETSIZE checks are good to have but mostly appear on client side code that should not outrun the fdset; or the _exit() in the assert is in place just to ensure termination in case someone "creates" an non-exit path in the msg(M_FATAL) function by changing the muting-code or alike. I am not requesting any CVEs. Sebastian -- ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@...e.com - SuSE Security Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.