So, thanks for the patch.  I have added the "Signed-off-By:" line to
the commit message as our guidelines explain.

Also, this has been reported as "SECURITY ISSUE!!" by two independent
security researchers (well, their AIs, it seems) - which it isn't, as
the buffers involved are always larger than "just the packet".  Still,
it's a bug, it's a good find, and thanks for the patch.

Your patch has been applied to the master, release/2.7 and release/2.6
branch.

commit f8b15dad1258d6cf71ffa16f67efd9f8b57b9727 (master)
commit 47c9267120d3ee556c30616e1e0e218b78144441 (release/2.7)
commit 66c7d4352c10ca51c20d1fc34c978164e93d21d4 (release/2.6)
Author: rootvector2
Date:   Wed Jul 15 22:22:02 2026 +0200

     proto: correct 802.1Q length check in is_ipv_X

     Signed-off-by: rootvector2 <[email protected]>
     Acked-by: Arne Schwabe <[email protected]>
     Acked-by: Antonio Quartulli <[email protected]>
     Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1789
     Message-Id: <[email protected]>
     URL: 
https://www.mail-archive.com/[email protected]/msg37652.html
     Signed-off-by: Gert Doering <[email protected]>


--
kind regards,

Gert Doering



_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Reply via email to