[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 24 Jun 2015 11:46:51 +0200
From: Sebastian Krahmer <krahmer@...e.com>
To: oss-security@...ts.openwall.com
Subject: OpenVPN hardening patches
Hi
As required per list policy, I am forwarding the patch that
I sent to distros list two weeks ago, as well as to upstream.
It is available here:
https://bugzilla.suse.com/show_bug.cgi?id=934237
I am still discussing some points with upstream, but most of the issues
should have no/little impact; for example the FD_SETSIZE checks are good
to have but mostly appear on client side code that should not outrun
the fdset; or the _exit() in the assert is in place just to ensure
termination in case someone "creates" an non-exit path in the msg(M_FATAL)
function by changing the muting-code or alike.
I am not requesting any CVEs.
Sebastian
--
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer@...e.com - SuSE Security Team
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
