So, thanks for the patch. I have added the "Signed-off-By:" line to
the commit message as our guidelines explain.
Also, this has been reported as "SECURITY ISSUE!!" by two independent
security researchers (well, their AIs, it seems) - which it isn't, as
the buffers involved are always larger than "just the packet". Still,
it's a bug, it's a good find, and thanks for the patch.
Your patch has been applied to the master, release/2.7 and release/2.6
branch.
commit f8b15dad1258d6cf71ffa16f67efd9f8b57b9727 (master)
commit 47c9267120d3ee556c30616e1e0e218b78144441 (release/2.7)
commit 66c7d4352c10ca51c20d1fc34c978164e93d21d4 (release/2.6)
Author: rootvector2
Date: Wed Jul 15 22:22:02 2026 +0200
proto: correct 802.1Q length check in is_ipv_X
Signed-off-by: rootvector2 <[email protected]>
Acked-by: Arne Schwabe <[email protected]>
Acked-by: Antonio Quartulli <[email protected]>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1789
Message-Id: <[email protected]>
URL:
https://www.mail-archive.com/[email protected]/msg37652.html
Signed-off-by: Gert Doering <[email protected]>
--
kind regards,
Gert Doering
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel