Your patch has been applied to the master and release/2.4 branch (bugfix). I have amended the commit message to make it more clear what is the risk (DoS against another random user of the same server, but no traffic injection or stealing)
Code change is "obviously correct". Have still given it a t_client run for good measure :-) commit 37bc691e7d26ea4eb61a8a434ebd7a9ae76225ab (master) commit f7b318f811bb43c0d3aa7f337ec6242ed2c33881 (release/2.4) Author: Lev Stipakov Date: Wed Apr 15 10:30:17 2020 +0300 Fix illegal client float (CVE-2020-11810) Signed-off-by: Lev Stipakov <l...@openvpn.net> Acked-by: Gert Doering <g...@greenie.muc.de> Acked-by: Arne Schwabe <a...@rfc2549.org> Acked-by: Antonio Quartulli <anto...@openvpn.net> Acked-by: Gert Doering <g...@greenie.muc.de> Message-Id: <20200415073017.22839-1-lstipa...@gmail.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg19720.html Signed-off-by: Gert Doering <g...@greenie.muc.de> -- kind regards, Gert Doering _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel