Hi, On Fri, Nov 10, 2023 at 10:51:34AM +0100, Gert Doering wrote: > I'll see if I can reproduce this case here and we'll fix it ASAP.
We couldn't reproduce it yet, but we have a crash dump in GH issue #449, which hints at the commit cd4d819c99266 getting this double-extra-check wrong. So if you build from git, can you do a checkout of release/2.6, and then do "git revert cd4d819c99266", and build from that? This would give you a 2.6.7 "with both CVE fixes, but without the extra safeguard check" - which isn't *really* needed, but its intention was "should another mistake of sort addressed in the CVE fixes happen again, it would get caught" - so double belt and suspenders... gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel